** Please Comment on this Article Below **

Gravatar Dave,



Another way to deal with passwords is to pick something you remember and then encode it with the telephone code. For example: Look at your telephone dial. Using the numbers, Kenneth becomes: 5366384.
Kenneth Thomson | 01.21.08 - 2:20 pm | #

Gravatar Kenneth,

That may be acceptable for humans, but computers can process thousands of instructions a second. Assuming a program can try only 10000 combinations a second, a simple password like 5366384 could be cracked in less than 9 minutes.

A true password needs numbers, letters, punctuation, all in combination.

I'm sure Ken will pipe in here, and have more in his next column.
Dave H | Homepage | 01.21.08 - 6:32 pm | #

Gravatar You can easily create a list of strong passwords by visiting PC Tools Security Guide on passwords. The online generator is easy to use and will create as many passwords as most users will ever need. After you create a list, you can cut and paste it into a blank text document.
http://www.pctools.com/guides/password/

Another thing to remember is to change passwords every so often, particularly your Administrator password if you're on a network of share a machine.
hth
2 penny ron | 01.23.08 - 9:22 am | #

Gravatar Hi, Everyone,

Thanks for the comments. Dave is right; it takes more than just the length of a password--you have to mix characters, upper and lower case letters, ascii characters, and numerals, too. I'm going to cover a lot of ground in my next article, but for now, consider this: a computer trying to guess a password like I use (10 characters long, full ascii character set) capable of guessing one billion passwords per second would take more than 2100 years to complete a brute force attack on me.

I'm not worried some hacker's going to guess my password.

Cheers! Ken
Ken Harthun | Homepage | 01.24.08 - 8:20 pm | #

Gravatar This is the best password generator I have seen. Steve Gibson is fanatical about everything he does and is the perfect guy to write a password generator.

https://www.grc.com/passwords.htm
Al Gingrich | 01.30.08 - 1:27 am | #

Gravatar Thanks for your comment, Al.

Steve is the best, no question. My article for the next issue will mention Steve's password site.

I never miss a Security Now! podcast and I highly recommend it to anyone interested in computer security. I use his Perfect Paper Passwords site and the site you linked to on a regular basis.

https://www.grc.com/ppp.htm
http://www.grc.com/securitynow.htm
Ken Harthun | Homepage | 02.02.08 - 1:40 pm | #

Gravatar 2 penny,

PC Tools' password generator is a good one. I like the "no similar characters" feature. By the way, I've previously reviewed their Spyware Doctor software and find it a very good product, so I trust them.
Ken Harthun | Homepage | 02.02.08 - 1:44 pm | #

Name:

Email: (not displayed in comments!)

URL:

Comment:  ?