Jump to content

On the h4xx0ring of p4sswordZ


Recommended Posts

Dan's Data is one of my old favourite sites, Aussie, kinda geeky, with hints of XKCD and rather addictive. And lots of really useful tips. Although his posts are less frequent lately, there's a goldmine to explore.

I just happened across this article, a fascinating insight on passwords. Put your protective sarcasm goggles on. :)

 

On the h4xx0ring of p4sswordZ

  • Like 1
Link to post
Share on other sites

true, sunrat, most folks can't password for nothin'

 

adam, interesting, but looks like the rsa-key, and like the rsa-key, a second form of id should be required

(so the key holder does not automatically become the authenticated user, in the case of the lost hardware key.)

Link to post
Share on other sites
  • 2 weeks later...

watt i should've said is, unlike the rsa-key which requires another password, the sqrl thingy has the potential of saying, just because i am, i am the authorized owner and therefore believe me.

Link to post
Share on other sites
ross549

Yes, and the model behind SQRL makes it extremely difficult (impractical to attempt) to spoof your identity.

 

Unless someone commandeers your device. they would have to get into the application that contains your identity.

 

Adam

Link to post
Share on other sites
V.T. Eric Layton

I use reverse psychology when choosing a password because I figure all the hackers are expecting something complicated these days, so I use passwords like "password1", "eric1", and "drowssap". ;)

Link to post
Share on other sites
V.T. Eric Layton

I'm sure everyone realizes my comment above was most definitely tongue-in-cheek. In actuality, I use 128 character minimum passwords created on a CRAY system with random number/character generators using specialized string theorems in conjunction with advanced logarithmic functions. They are so secure even I can't remember them. ;)

Link to post
Share on other sites
amenditman

They are so secure even I can't remember them. ;)

Well, that will prevent you from accidentally pissing off everyone you know when you are in a drunken stupor.

Try that on Facebook!

  • Like 1
Link to post
Share on other sites
ross549

I'm sure everyone realizes my comment above was most definitely tongue-in-cheek. In actuality, I use 128 character minimum passwords created on a CRAY system with random number/character generators using specialized string theorems in conjunction with advanced logarithmic functions. They are so secure even I can't remember them. ;)

 

Everyone knows string theory is the biggest scientific scam since Tesla's earthquake machine.

 

write your passwords on a 512 qbit quantum computer for REAL security.

 

Adam

Link to post
Share on other sites

dunno - he took his magnetic resonator to a construction site, set it to hum at the primary freq of the iron beams and pretty much toppled the site (or almost did, may have stopped short.)

Link to post
Share on other sites
V.T. Eric Layton

Tesla was a character from history with whom I would love to go back in time and have a nice dinner and some conversation. :yes:

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...