Passwords. Get an idea of how long it will take to crack yours.

Online Attack Scenario:
(Assuming one thousand guesses per second) 1.91 hundred thousand trillion trillion trillion centuries

Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 1.91 billion trillion trillion centuries

Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 1.91 million trillion trillion centuries

Basically I just add more digits and symbols to my password over the years, does anyone else do this?

So say my password was !7gyhBy6 , when I feel it's time to add to it I will make it !7gyhBy6?8hgrty. My current password is 30 characters long and easy to remember as I have memorised each "section" abit at a time.

Meh, thats just what I do.
 
Online Attack Scenario:
(Assuming one thousand guesses per second) 1.57 thousand trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 15.67 million centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second)
 
Yea guys this is the well-known dude behind the ShieldsUp! site. Its not a flaky website. Ive been using his Password-Generator page for years. And the Port-Tester.
 
I use 1Password, set to generate 16 digit passwords with 2 symbols, random capitalisation and numbers.. I don't even know my forum password as the app auto-fills it in for me.

For referenced, one of my passwords is: E*neyWMDoc99AL.X
Presumably you have to log on to your computer with a password you type in? Is that as secure?
 
Online Attack Scenario:
(Assuming one thousand guesses per second)

1.83 billion centuries



Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second)

18.28 centuries



Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second)

1.83 years


will do for me
 
Interesting to see how many people will give their passwords to a random website however...
Anyone savvy enough to think about it would enter a password that was structurally the same but with each character being different and in a different order.
If that site was phishing (which it wasn't as it is run by a credible person) then the most they would get was the length of the password and some information on what type of characters it might contain.
 
D05487nIm*-/jhvghbbvcfhFSDGRETWT*$%^dg,msdf;kmgsdo;ymnKFGNS&*(185649&*(6780645sdjkgbnJZKL Ikdjs dkimSAmkfdL<|%%%%%%56^&&5$%@##%%^6['lds,h?E"F<LERKOemktgsmr

Online Attack Scenario:
(Assuming one thousand guesses per second) 1.13 million trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 11.33 billion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 11.33 million trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion centuries

Found a new password. Thanks
 
11 chars with a symbol and number thrown in, not my exact password but a close neighbour.

mypass.png


Good enough for me.
 
Presumably you have to log on to your computer with a password you type in? Is that as secure?

There's a dedicated app where I can view the passwords, change them etc but the main "magic" happens in a Google Chrome extension.

If I visit eBay, I simply right click and select "fill login" and it logs me in. If this is the first time since rebooting or after a predetermined period of time then it'll ask for my master password before the extension will unlock.

The main password database file is encrypted by the master password (only known to myself) kept on my Dropbox account, so if I lose a hard drive the passwords are safe etc.

 
!!!!!!!!!!!!!!! = 19.5years with a massive cracking array.

What appears to be not so complex often turns out the most complex :p

Apparently, our server's domain admin account password can be cracked in 6mins on the array too.
 
Online Attack Scenario:
(Assuming one thousand guesses per second) 1.32 hundred million trillion trillion trillion trillion trillion trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 1.32 trillion trillion trillion trillion trillion trillion centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 1.32 billion trillion trillion trillion trillion trillion centuries
That'll do for me :)
 
This is why complex password policies are crap. Having to type and remeber "1)pOhd.£e" is much less secure than "LOLIgotaverydifficultpassword"
 
This is why complex password policies are crap. Having to type and remeber "1)pOhd.£e" is much less secure than "LOLIgotaverydifficultpassword"

Im only just starting to realize this. So far Ive been using a combination of the two, like:

*LOLIgotavery%difficultpassword$
 
Back
Top Bottom