Kev Posted March 28, 2022

Here’s a strong password: Mi7ki#Gi3na&Go1ld$

Do not use it anywhere. Read the following to understand how we came up with this password, and use a similar logic to make passwords from words you can remember, without telling anyone! This is for educational purposes only.

Why is this a strong password?

Based on the latest research from Carnegie Mellon University, strong passwords have at least 12 characters (the longer, the better), do not contain any dictionary words (the hackers use databases with common words), and have uppercase and special characters at non-obvious places (the hackers know if you put special characters in the obvious places, like replacing a 5 with an S). You can copy the password above and paste it in the Carnegie Mellon Password Strength Meter to see how strong it is, and tweak it to make it even stronger.

How can I remember this password?

Here’s the logic we used to make this password from the three words you entered:

First, we capitalized the words. That you can easily remember! It's better to capitalize random letters of each word, but this password does not include that because there is already enough complexity, which makes it strong.

Then, we inserted a number in the middle of each word, to make it unidentifiable as a dictionary word. For example, ca8ts is harder to guess than cats. You can insert any three numbers you like and remember that.

Finally, we inserted special characters between the words. You can pick your own special characters.

In combination, this password is long and complex enough that it is hard to guess, but is also based on three words you like, so it’s easy to remember.

Why not just use "mikiginagold"?

Because it’s too easy to guess, unless you chose three words that don’t exist in the dictionary. Even then, we recommend you insert some numbers and special characters somewhere in the middle so they increase in complexity. You can play around with the Carnegie Mellon Password Strength Meter tool.

Why three words? Why not just two words and numbers and special characters?

The longer the password, the harder it is to guess, and the stronger it is. It takes exponentially more effort for hackers to crack a longer password. This is really, really important.

Why not just "miki123" or "gina123" or "gold123"?

Never ever use these! It’s very common for people to simply add 123 or 123! to their favorite words and use that string as a password, but such passwords are the weakest and can be guessed very easily. Millions of passwords have been breached and stored in hacker databases, and xxx123! are very common in them.

Why are strong passwords important?

Because passwords are stolen all the time, and if your password is weak, it can be guessed and your accounts can be breached. Did you know that you can actually find out if any of your existing passwords may have been breached? Go to https://monitor.firefox.com/ and enter your email address. It will show you all your passwords that may have been breached.

What else can I do to keep my passwords safe?

First, use strong passwords for all accounts with the logic explained above. If any of your online accounts support social logins via Google or Facebook, use that and avoid creating a password!

Second, use unique passwords for each of your online accounts. Do not use the same password for multiple accounts. If one is breached, you don’t want the others to be exposed as well.

Third, enable two-factor authentication when possible. Even if your account is breached, two-factor allows you to confirm when someone is trying to log in to your accounts; that’s a good safety mechanism.

Finally, keep an eye on password breaches by registering at https://monitor.firefox.com/ . It will email you if any of your passwords were found in a breach, and you can change them immediately.

Link: https://makestrongpassword.com/
Source: Google
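The rules listed in the post above (at least 12 characters, no intact dictionary word, no 123 or 123! suffix, uppercase and special characters away from the obvious places), written as a password check. This is an added example, not part of the original post or of makestrongpassword.com; the wordlist is constructed and the "obvious place" heuristic (first character, last character) is an assumption.

```python
import re

# Constructed sample wordlist; a real check would load a full dictionary
# and a breached-password list (assumption, not from the post).
WORDS = {"miki", "gina", "gold", "cats", "password"}
# Suffixes the post calls out as very common in breached passwords.
COMMON_SUFFIX = re.compile(r"(123!?)$")
MIN_LENGTH = 12  # the post's minimum length


def audit(password, words=WORDS):
    """Return a list of findings; an empty list means no rule was violated."""
    findings = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        findings.append("too-short")
    # Any dictionary word of 4+ letters appearing intact counts as a hit.
    hits = sorted(w for w in words if len(w) >= 4 and w in lowered)
    if hits:
        findings.append("dictionary-word:" + ",".join(hits))
    if COMMON_SUFFIX.search(password):
        findings.append("common-suffix")
    # Assumed heuristic for "obvious places": the only uppercase letter is
    # the first character, or the only special character is the last one.
    uppers = [i for i, c in enumerate(password) if c.isupper()]
    specials = [i for i, c in enumerate(password) if not c.isalnum()]
    if not uppers or uppers == [0]:
        findings.append("uppercase-missing-or-only-first")
    if not specials or specials == [len(password) - 1]:
        findings.append("special-missing-or-only-last")
    return findings


if __name__ == "__main__":
    for candidate in ("miki123", "gold123!", "mikiginagold",
                      "Mi7ki#Gi3na&Go1ld$"):
        print(candidate, audit(candidate))
```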
Massaro Posted March 28, 2022

makestrongpassword.com’s server IP address could not be found.
Kev (Author) Posted March 28, 2022

4 hours ago, Massaro said: "makestrongpassword.com’s server IP address could not be found."

People may have been looking for dictionaries; it was up when I posted. It will come back, don't worry.
FaNt0maX Posted March 29, 2022

What do you need tools for when the idea is enough?
yoyois Posted March 30, 2022

What I have never understood is: "What do you use a secure password for?"

You have to use different passwords for each service anyway. The password Mi7ki#Gi3na&Go1ld$ is useless if you use it both on gmail and on hacker-romania-forum.biz.co. The service's admin might not even hash it, or might sell it himself as a leak.

In my opinion, the password Mi7ki#Gi3na&Go1ld$ is overkill for gmail, facebook, instagram, etc. You can't brute-force the login, and if the password hash is leaked, the content is leaked too. After all, nobody dumps only the passwords table and not the messages and admin tables as well. Besides, even if the facebook password hash is leaked, I hope facebook uses a salted hash... And maybe hardened with 100000x rounds of scrypt?!? That is, much harder to crack...

So the password Mi7ki#Gi3na&Go1ld$ is ideal neither for services you don't trust nor for services you trust completely.

Of course, the password is OK when you expect the hash to become public (for example JWT tokens, ECC keys, public SSH, etc.). In that case I think it is much more reasonable to use a random password with a defined entropy. And to remember it, you use a private keychain with whatever password you want (plus hardening with 10000..x rounds of scrypt, bcrypt, etc.).

I'm curious what you use a password like "Mi7ki#Gi3na&Go1ld$" for. What is the pitfall I'm falling into, believing that a password like "AlexFootballC00L!!!" is more than OK for most situations?
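The approach described in the post above (a random password with a defined entropy, kept in a keychain whose master password is stretched with salted scrypt), as an added example that is not part of the original thread. The 94-character alphabet, the 96-bit default target and the scrypt cost parameters are assumptions.

```python
import hashlib
import math
import secrets
import string

# Assumed alphabet: 94 printable ASCII characters.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def random_password(target_bits=96, alphabet=ALPHABET):
    """Uniformly random password carrying at least target_bits of entropy."""
    bits_per_char = math.log2(len(alphabet))
    length = math.ceil(target_bits / bits_per_char)
    password = "".join(secrets.choice(alphabet) for _ in range(length))
    return password, length * bits_per_char


def stretch_master_password(master, salt=None, n=2**14, r=8, p=1):
    """Derive the keychain key from the master password with salted scrypt.

    n, r, p are assumed cost parameters (about 16 MiB of memory per guess).
    """
    if salt is None:
        salt = secrets.token_bytes(16)  # fresh random salt per keychain
    key = hashlib.scrypt(master.encode("utf-8"), salt=salt,
                         n=n, r=r, p=p, dklen=32)
    return salt, key


def unlock(master, salt, expected_key):
    """Re-derive with the stored salt and compare in constant time."""
    _, key = stretch_master_password(master, salt)
    return secrets.compare_digest(key, expected_key)


if __name__ == "__main__":
    pw, bits = random_password(96)
    print(f"{len(pw)} characters, {bits:.1f} bits of entropy")
    salt, key = stretch_master_password("constructed master password")
    print("unlock ok:", unlock("constructed master password", salt, key))
```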
gigiRoman Posted April 2, 2022

Why do you use GUID passwords of 36 or 72 characters and keep them in a password manager, or the first x letters of a page from a book?