New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
How long are your passwords?
raindog308
Administrator, Veteran
Came across this today:
http://www.lockdown.co.uk/?pg=combi
Assume Class D, E, or F for attack - Class A, B, and C are absurdly wimpy.
Personally, I use one 30-character master password for PasswordSafe (admittedly, since I have to memorize it, there's only only a couple symbols in there but a good mix of cases, numbers, and non-dictionary word stubs). All its generated passwords 16 characters long and it mixes numbers, cases, and symbols very well.
Except of course for sites that won't accept a password that long. Typically those are banks :-)
Comments
My passwords are complete sentences, without spaces. I'd say most are 50+ characters.
I use PassKeeper to generate my passwords. I keep them at 150+ bits (no idea of the character count, I'll check later). That being said...
http://xkcd.com/936/
I use 1Password to generate mine. I vary in length for every password. I couldn't remember the first four characters of any of them if my life depended on it. It makes my life a living hell, especially since I don't use their Dropbox feature (not having that potential point of failure), but I guess it's worth it in the end.
Mine are too long, I need to shorten them. This is a sample of mine:
K]rw>5E:d5
u}3T}>ec.tb-[H4=e!2]6Ez}c8\Ut'E%G;l@>&"PgGl2yG2$LYM,L#[9A+zQ)viDium-Wl3#0K8|#jkE"c2DN|=$3%X`]6j{JAp9E}k@L8c"U1Im worried about the day when I need to use my KVM. I can't immagine typing all the characters in.
I use Dropbox for PasswordSafe.
However, I also do a versioned backup to CrashPlan and tarsnap every night :-)
@raindog308
Over the internet people suffer from lockouts on to many failed tries - so it would be closer to A B and C as an attack on your pass over the web.
Yes, love that comic. The real value in a password manager is that you can have a different password for everything...I just looked and I have over 250 passwords stored. No way I'd remember that many no matter how colorful :-)
@raindog308 yes this is beautiful... I'm using passwordsafe now and changing all of my passwords EVERYWHERE to random generates from this program.
My brothers password(s) is a short poem(s) in Arabic-English transliteration. Haha, it takes him like 30 seconds to type his password, I think it's a bit extra lol.
Mine really depend on what I'm using, I use passwords varying from 6 characters - 45 characters.
@Infinity I used the 'sentence' password structure after reading the commic and seeing what other people did in this thread... my password is strong according to most all password strength checkers.. and I remembered it after the first try.
I use case-sensitive, number, symbols, minimum 12 char. save in my head. (sometimes i use truecrypt too :P)
Anythin above 10-12 (Depending the protocol) is unnecessary IMHO.
Master password on my Yubikey is +100 char then 8-12 randoms
@KuJoe I changed how I do passwords because of that comic. I've toyed with the idea of something like PasswordSafe, might as well start testing it now.
What comic are you guys talking about? This?
My passwords are that secure i dont know most of them. I use Roboform. and my laptop has a fingerprint reader
I use pwgen but i rarely use more than 10 chars.
I save them all on a txt on a encrypted container that i sync on every computer.
BTW, how many characters are allowed for a linux password?
I use 123456
just kidding...
I use to use simple passwords with a simple capital, number, lowercase, and character around 8-10 chars but recently have started using longer generated passwords.
Most of my passwords doesn't usually go over 10 characters but including letters, numbers and symbols is a must.
But I admit it's now with current processors in personal computers, and with the existence of supercomputers of different sizes too, that makes almost nothing unpredictable even if long enough
it can still happen within a short period of time. Hence they usually recommend you to change your password every x days.
Started out with 10 characters, but over the years increased to 18-20+.
I have to copy+paste my passwords from notepad into the web form to login.................. that's how long it is :P
Must...resist...must...oh, I can't:
"I have the same combination on my luggage!"
My laptop password is a foreign-language phrase, less characters which can't be typed (easily) on a US layout.
My Keepassx password is a random "word" (consonant-vowel-repeat) with a couple numbers slapped on.
My SSH key password is another foreign-language phrase.
The rest are pretty much all randomized and stored in my keepassx (or awaiting changing to a randomized password from one of my previous generic passwords). I typically use 12 characters from mixed-case letters, numbers, and symbols.
@DimeCadmium so you expect US people to hack your passwords and not foreign people?
I know websites nowadays require you to use harder passwords for better security.
(excerpt from the hangover movie)
Phil: Your password is baloney1?
Mr. Chow: Well, used to be just baloney, but now they make you add number.
I use 1password which is for Mac users. Works wonderfully and does random passwords, can sync across wifi or dropbox, and works great with my iPhone and iPad.
Usually 16 digits random upper lower numbers @#@&;$(@#*$%&;(% characters etc unless the specific website blocks or has certain requirements.
I'm using passwords generated by Lastpass: 12 chars mixed number, symbol, lower, uper case
Never said that. However, since this is a laptop and it's used for the login screen, and I'm in an English-speaking country (the US isn't the only one, FYI)... how many people would even try Finnish? (Plus I like it. That's the main reason.)
i use my year's birthday.... haha j/k but I have known many clients passwords that involve that =/
Now that you've told everyone it's Finnish, I'm sure someone will try it :P