Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

PowerFullMac

macrumors 601
Oct 16, 2006
4,000
1
While not bad, this password system not as secure as you think that it might be. It can be hacked given time and resources since a dictionary type attack could be used.

Throw in a few numbers and punctuation if you want a much more secure password.

Well I would have thought a brute force hacking program would take forever to crack a sentence... I will put commas and full stops in next time, I will make a whole paragraph! Nothing will crack that!
 

sushi

Moderator emeritus
Jul 19, 2002
15,639
3
キャンプスワ&#
Well I would have thought a brute force hacking program would take forever to crack a sentence... I will put commas and full stops in next time, I will make a whole paragraph! Nothing will crack that!
Your concept is good since it is long and mixes spaces with words where some are capitalized and others are not. However, if your words are all available in a dictionary, then it is possible to use a dictionary attack.

All you need to do, is add a few numbers and one punctuation mark in there and it will be much harder in orders of magnitude to crack.

On a slightly different topic, one issue today, is that some sites have min-max password length constraints. So lets say you have a favorite password system that you use that generates 20 character (letters, numbers and punctuation) passwords for you. Then you go to a site that only accepts 12 character passwords, or one that can take 20 characters but no punctuation.

So you basically need a couple of password generating systems today...unfortunately.
 

SuperCompu2

macrumors 6502a
Jul 23, 2006
852
1
MA
A nice password combining a bunch of different deterrents was actually easy to remember back when I used it (now retired, i told someone it who could have potentially exploited it)

PowerMacG3

Caps, numbers, and an easy to remember password. Nice length too.

Plus, if you really wanted something no one would guess..

PowerBookG5

haha
 

neiltc13

macrumors 68040
May 27, 2006
3,126
19
Bummer dude. You should look into 1password for password management. Then you could have complex passwords for all your services and you would only need to remember one

How does 1password cope if I want to log in to my email account on a computer which doesn't have the software?
 

neiltc13

macrumors 68040
May 27, 2006
3,126
19
Seems like a pretty stupid service if you can only log in to your webmail etc. from the computer on which you have 1password.
 

JNB

macrumors 604
Seems like a pretty stupid service if you can only log in to your webmail etc. from the computer on which you have 1password.

That's the whole point: it is not a service. It is a standalone application, always has been, and has never been positioned as anything but.

Now, as far as a web service that will store all your passwords, account numbers, etc., who exactly do you trust with that info?
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.