[BartSimpson]

With the increase in email accounts getting hacked this past month I thought it might be nice for folks to test out their passwords and then test out some potential passwords.

http://howsecureismypassword.net/

One of my old passphrases was ~I~lik3~ic3~cr3am~ and it is pretty secure...

[Mr_Canada]

The whole 'numbers make your password more secure' thing is a myth.

A good strategy is to remember a set of random words that together with spaces are more then 16 characters (like "scratch runway tomato disco". It's easier to remember then an 8 letter password filled with random crap (like "jH42$p☭B") and is far harder for a computer to figure it out.

An XKCD comic I read once put it best, and to paraphrase it basically poked fun at how we make passwords harder for people to guess but easier for computers.

[Tricks]

1000 years for me.

[sandorski]

I wouldn't go typing my Password(s) into some box on the Internet to test its' strength. Unless it was for the website it was made for.

I'm pretty sure it's eleventy though.

[jeff744]

sandorski wrote:

I wouldn't go typing my Password(s) into some box on the Internet to test its' strength. Unless it was for the website it was made for.

I'm pretty sure it's eleventy though.

I just used a similar system of letter-symbol-number

[DrCaleb]

Billions and Billions of year to crack. But I'll be damned if I'm going to enter it into some random website, and no more likely than I'd enter my birthdate or mother's maiden name into one.

[Mr_Canada]

The site as far as I can tell isn't recording the passwords and you never 'input' the data through any form. It gives you answers in real time.

Besides, what point would there be in only having your IP address and your password? It would be a long painful process for the asshole looking through all the attempted passwords as he tries them on random websites in the vain hope it'll work.

The site is safe lol. It doesn't ask for any information and it's not like they have any sort of way to tell which entered passwords are legit and which are just fake.

[Zipperfish]

Mr_Canada wrote:

The whole 'numbers make your password more secure' thing is a myth.

A good strategy is to remember a set of random words that together with spaces are more then 16 characters (like "scratch runway tomato disco". It's easier to remember then an 8 letter password filled with random crap (like "jH42$p☭B") and is far harder for a computer to figure it out.

An XKCD comic I read once put it best, and to paraphrase it basically poked fun at how we make passwords harder for people to guess but easier for computers.

You've seen my typing. Do you you know how mnay passwords fails I'd get to type four words in a row correctly?

[DrCaleb]

Mr_Canada wrote:

The site as far as I can tell isn't recording the passwords and you never 'input' the data through any form. It gives you answers in real time.

Besides, what point would there be in only having your IP address and your password? It would be a long painful process for the asshole looking through all the attempted passwords as he tries them on random websites in the vain hope it'll work.

The site is safe lol. It doesn't ask for any information and it's not like they have any sort of way to tell which entered passwords are legit and which are just fake.

There are companies out there who make it their business to amalgamate information on you in order to target things like advertising and discounts. All sorts of information is available in the 'cookies' set by web browsers, and more often than not plenty of free apps take advantage of the gullible user by stealing this data to sell to afformetioned companies. Google saves every single search entered from a given IP address, for example. If Facebook has taught us anything, it's that people will give up their personal information like email addresses and their cell phone numbers if it thinks it makes them more popular.

It's so bad that a number of companies are starting a 'do not track' initiative. Now, you may be right, they may not save information entered into there. They may not put up hundreds of similar sites and save all the data people give them for free, and use that data maliciously. Perhaps there is no one out there taking advantage of all those personalally identifyable bits of info people leave lying around.

But after you've had your identity stolen is a bad time to find out. And the whole point of a secure password is that you never tell anyone what it is. *EVER!*

[Mr_Canada]

Google saves every search sure but there are literally billions of searches. They have like 100 employees. No one's combing it, I'm not concerned about some dude seeing my searches for "Chinchilla baldness causes" or "We're tornadoes when we dance lyrics".

I'm not naive about it, I know that identity theft is increasingly common and pretty much everyone I've known has been hacked by someone in their life, be it by an ex or some stranger. I know information is sold willy-nilly behind people's backs for the ultimate goal of corporate profit. I don't delude myself that it's possible to be misled by a seemingly legit website and be scammed. It happens and I've seen people fall for them.

I trust this site because it doesn't ask for anything other than for your password. It makes no connection with another site, it has no way of knowing the password is real or fake, and as far as I can tell not saving anything entered (since it's examining it letter by letter, it would need to save all of that, like "a little bit" would have to be saved as "a", "a ", "a l", etc. since that's how the application runs; it's inefficient. You never press the enter key to submit info affirmatively.) Logically I deduce that it would just be too difficult to maintain this website maliciously. Here's their privacy policy which explains why it's not possible for them to fuck you over:

Quote:

How Secure Is My Password uses JavaScript, which is a client side language - all the calculations are performed by your computer. This means that once you've loaded the site in your browser nothing else will pass between your computer and the server - nothing you type in leaves your computer. If you'd like to check this you can load the site and then turn off your internet connection - everything will continue to work.

I've had the privilege of never having any account 'hacked' before. I don't randomly leave my info anywhere and am pretty safe about it. No one gets my password. Not friends, not family, no one.

Funny thing too, according to this website my current CKA password would only take 2 days to crack.

[Mr_Canada]

Zipperfish wrote:

Mr_Canada wrote:

The whole 'numbers make your password more secure' thing is a myth.

A good strategy is to remember a set of random words that together with spaces are more then 16 characters (like "scratch runway tomato disco". It's easier to remember then an 8 letter password filled with random crap (like "jH42$p☭B") and is far harder for a computer to figure it out.

An XKCD comic I read once put it best, and to paraphrase it basically poked fun at how we make passwords harder for people to guess but easier for computers.

You've seen my typing. Do you you know how mnay passwords fails I'd get to type four words in a row correctly?

Ahahaha I've always wondered if you had broken fingers or something

After awhile I don't think it'd be too much of a problem actually, and if it did then just choose words that you don't commonly have spelling errors with. I wouldn't put 'fucking' in my password because I always type it too fast and end up with 'fuckign' for example

[Regina]

DrCaleb wrote:

Billions and Billions of year to crack. But I'll be damned if I'm going to enter it into some random website, and no more likely than I'd enter my birthdate or mother's maiden name into one.

Exactly!

[bootlegga]

Hmmmm, I typed in all of my passwords that I use everywhere and suddenly my bank account has been drained by someone in Nigeria, my credit card was used to subscribe to a large number of porn websites, my Facebook is spamming people and my eBay account bought a laptop for some kid in Indonesia.

I wonder how all that happened?

[Regina]

bootlegga wrote:

Hmmmm, I typed in all of my passwords that I use everywhere and suddenly my bank account has been drained by someone in Nigeria, my credit card was used to subscribe to a large number of porn websites, my Facebook is spamming people and my eBay account bought a laptop for some kid in Indonesia.

I wonder how all that happened?

Great to see the charity work you're doing for the 3rd world countries. Too bad about the Facebook thing though.

[bootlegga]

Regina wrote:

bootlegga wrote:

Hmmmm, I typed in all of my passwords that I use everywhere and suddenly my bank account has been drained by someone in Nigeria, my credit card was used to subscribe to a large number of porn websites, my Facebook is spamming people and my eBay account bought a laptop for some kid in Indonesia.

I wonder how all that happened?

Great to see the charity work you're doing for the 3rd world countries. Too bad about the Facebook thing though.

What can I say, I care about my fellow man!

Come (pun intended) to think of it now, I think one (or two) of those porn sites are my fault...