Welcome Guest [Log In] [Register]


Welcome to ZionFireFriends. We]re glad you're here! Our public forums are open, but you must be logged in to participate in the discussions and member forums. You can become a ZFFriend just by submitting a quick registration. You be notified by email with your login information, usually within a few minutes. If you do not receive a validation email, first check your bulk or spam folder. If not, then please contact us through the Help Me! button below and we will validate you.

Posted Image Who we are, what this forum is about
Posted Image Benefits of of becoming a ZFF member
Posted Image click here for registration form
Posted Image Can't register or log in? Ask for help.
Posted Image Take a tour of our worship banners

Join our community!

If you're already a member please log in to your account to access all of our features:

Username:   Password:
Add Reply
make strong passwords; know what makes a password vulnerable
Topic Started: Oct 28 2006, 07:53 PM (443 Views)
HelenaZF Oct 28 2006, 07:53 PM Post #1
Member Avatar
"more is more"

 You should use a strong password (mixed letters, symbols, numbers) based on a word that cannot be found in a dictionary. Doing so prevents what Invision Board calls "cracking". Apparently there are people roaming around who think it's a hoot to break into message boards and be obnoxious. More important for moderators/administrators than members, but still.....a word to the wise. If you have a very simple password, make it a little more complicated.

Read on, if you want to know what makes a password vulnerable, and how alt characters can make your password nearly uncrackable.

Probably the most conventional way to crack a password in which the list of words found in a dictionary are used to try every possible single word. There are many different dictionary lists available besides the typical language specific such as the lists of names, slangs, acronyms, abbreviations, contractions and many other different forms of language use. Some new attacks also include 2-3 digits and/or other character combination added to the beginning or the end of every word attempted for every list. The other, a bit slower process is the use of case changing of each letter in all available dictionary lists in every possible position and combination for each word. For any of the above, a system with approximately 3 GHz processor and 512MB of RAM, can breeze through all attempts in no more than a few minutes to few hours. Upshot: Don't use words that can be found in a dictionary and think you are safe just because you added a number & a few characters.

To see a chart on how long various computer systems take to break down passwords, see this chart: http://www.lockdown.co.uk/?pg=combi&s=articles
It will become clear quite quickly that having a longer password with more fields is the best way to go.


Password cracking programs allow for group character selection to minimize on processing time. Usually they are:
* 0123456789
* abcdefghijklmnopqrstuvwxyz
* ABCDEFGHIJKLMNOPQRSTUVWXYZ
* !@#$%^&*()-_+=
* ~ []{}|\ ;:<>,.?/

Choosing a password that includes at least one character from each of the five groups will keep a brute force attacking program guessing for a long time. Try coming up with your own words such as those that have never been spoken by anyone and certainly are not found in a dictionary. The above list is also made of characters that can be typed on a standard keyboard but there are many other ones found in windows character map which could be preset to be typed by a combination of keys.

While the above is good advise, adding alt-characters to your passwords makes it impossible to crack with todays current password cracking tools, here is a table that lists them all:

Posted Image

http://www.combobulate.com/node/25


If you'd like to generate a password for yourself on occasion, you can use the customizable generator found here: http://www.winguides.com/security/password.php
Posted Image....See our banners in the ZionFire.com Gallery
Offline Profile Quote Post Goto Top
 
flaglady Oct 28 2006, 09:10 PM Post #2
Member Avatar
Foster
[ * * * * ]
 Excellent advice, Helena! Never thought of using alt-characters!

You can also check your password on this site
Posted Image

Posted Image
Offline Profile Quote Post Goto Top
 
HelenaZF Oct 28 2006, 10:21 PM Post #3
Member Avatar
"more is more"

 Add and alt character is such a simple solution too. I hope everyone considers it.

There is so much identity theft and information theft out there...it's not just about people messing up message boards, but it really could mess up your life if people figure out your passwords to financial information.

My hope is to help raise some awareness that there are predators in cyberspace and just like we don't secure our homes by duct-taping the doors, we shouldn't be cavalier about the locks we put on our private information and think no one will pay attention.
Posted Image....See our banners in the ZionFire.com Gallery
Offline Profile Quote Post Goto Top
 
1 user reading this topic (1 Guest and 0 Anonymous)
« Previous Topic · Help & Tech Tools · Next Topic »
Add Reply