Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
- - - - -

Is it a "strong" password?

poll password strong exam

  • Please log in to reply
19 replies to this topic

#1 Fazz3

Fazz3

    CC Lurker

  • Just Joined
  • Pip
  • 2 posts

Posted 16 December 2014 - 05:02 AM

Hey everyone :)

I got my exam results today and am quite dissapointed.

I was 2 points away from getting an A and the reason for that were passwords I've used which were "aTropina12" and "pOlopiryna12".

Now before I appeal I'd like to get some experts' opinion on that matter and maybe make some kind of a poll. Can I achieve something? Or will they most likely agree with a teacher?

Cheers!


  • 0

#2 WingedPanther73

WingedPanther73

    A spammer's worst nightmare

  • Moderator
  • 17757 posts
  • Location:Upstate, South Carolina
  • Programming Language:C, C++, PL/SQL, Delphi/Object Pascal, Pascal, Transact-SQL, Others
  • Learning:Java, C#, PHP, JavaScript, Lisp, Fortran, Haskell, Others

Posted 16 December 2014 - 05:31 AM

atropina is a drug name, so your first password is [dictionary word]12 = not strong.

polopiryna is also a drug name, so your second password is [dictionary word]12 = not strong.

 

Capitalization in words is irrelevant, so I'd say your teacher was correct. I have a friend who used "phlebotomy" as her password. Given that was her job, it was an EXTREMELY weak password, no matter how unusual it may be.


  • 0

Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog

My MineCraft server site: http://banishedwings.enjin.com/


#3 Sundance

Sundance

    CC Devotee

  • Validating
  • PipPipPipPipPipPip
  • 572 posts
  • Programming Language:C, Java, PHP, Python, JavaScript, Perl, PL/SQL, Transact-SQL, Bash, Others

Posted 16 December 2014 - 05:41 AM

I agree with WingedPanther

 

Any password that contains a dictionary word (whether any letter is capitalized or not) is not a strong password, alternatively anything that is a common name for something (I.e. can be searched and found easily) is unlikely to be a strong password either.

 

The best password in my own opinion use letters, numerals, characters and are generally longer than 15 letters.


  • 0

Please read the

FaQ & Guidelines


#4 wim DC

wim DC

    Roar

  • Expert Member
  • PipPipPipPipPipPipPipPip
  • 2681 posts
  • Programming Language:Java, JavaScript, PL/SQL
  • Learning:Python

Posted 16 December 2014 - 05:52 AM

It's easy, Just make passwords longer :)

 

turn "aTropina12" into "ilikeaTropina12alot". And it goes from 6 years to crack to 90 quadrillion years to crack (on https://howsecureismypassword.net/)

I like this one :

XuMUU0b.jpg

 

Are you sure the strength of your password was the reason you got lower grades and not how well you secured / stored / hided them? It seems a bit weird to receive grade deductions based on that (Unless it was some sort of security related course )


Edited by wim DC, 16 December 2014 - 05:53 AM.

  • 2

#5 Sundance

Sundance

    CC Devotee

  • Validating
  • PipPipPipPipPipPip
  • 572 posts
  • Programming Language:C, Java, PHP, Python, JavaScript, Perl, PL/SQL, Transact-SQL, Bash, Others

Posted 16 December 2014 - 06:22 AM

It's easy, Just make passwords longer :)

 

turn "aTropina12" into "ilikeaTropina12alot". And it goes from 6 years to crack to 90 quadrillion years to crack (on https://howsecureismypassword.net/)

I like this one :

XuMUU0b.jpg

 

Are you sure the strength of your password was the reason you got lower grades and not how well you secured / stored / hided them? It seems a bit weird to receive grade deductions based on that (Unless it was some sort of security related course )

 

Length wouldn't really beat a dictionary attack though.

 

L3x_3r is far more complex and not a dictionary word compared to

insignificant which is a dictionary word and longer, realistically a complex and long password are the best of both worlds.


  • 1

Please read the

FaQ & Guidelines


#6 WingedPanther73

WingedPanther73

    A spammer's worst nightmare

  • Moderator
  • 17757 posts
  • Location:Upstate, South Carolina
  • Programming Language:C, C++, PL/SQL, Delphi/Object Pascal, Pascal, Transact-SQL, Others
  • Learning:Java, C#, PHP, JavaScript, Lisp, Fortran, Haskell, Others

Posted 16 December 2014 - 07:52 AM

If you have bought a home wireless router recently, you'll notice they have long, complex passwords. A typical password is something like "A3?fr7_9Dx!LupQ" It's long, and resembles a string of random characters more than anything else. It's completely immune to dictionary attack, stringing together dictionary words, etc. It can ONLY be broken through brute force or some inherent protocol weakness.


  • 3

Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog

My MineCraft server site: http://banishedwings.enjin.com/


#7 Fazz3

Fazz3

    CC Lurker

  • Just Joined
  • Pip
  • 2 posts

Posted 16 December 2014 - 08:59 AM

If you have bought a home wireless router recently, you'll notice they have long, complex passwords. A typical password is something like "A3?fr7_9Dx!LupQ" It's long, and resembles a string of random characters more than anything else. It's completely immune to dictionary attack, stringing together dictionary words, etc. It can ONLY be broken through brute force or some inherent protocol weakness.

It's not strong if it's written on the bottom  ;)

Anyways, thanks for your answers I was clearly in the wrong there. For my regular use I use better stuff, but doing so many windows configuration on lessons I was running out of my own memory and decided to go with drugs and it was fine.

 

I am really amazed by this forum and will hopefully contribute to Python, Java and C# sections :)

 

PS.

While I understand my fault here according to the answer key I was shown insignificantL3x_3r gets 0 points opposed to L3x_3r.
Maybe the better way would be checking number of not dictionary based chars instead of just taking points off for using a word. It doesn't change anything in my situation though, just thought I'd throw it there.

Edited by Fazz3, 16 December 2014 - 09:04 AM.

  • 0

#8 WingedPanther73

WingedPanther73

    A spammer's worst nightmare

  • Moderator
  • 17757 posts
  • Location:Upstate, South Carolina
  • Programming Language:C, C++, PL/SQL, Delphi/Object Pascal, Pascal, Transact-SQL, Others
  • Learning:Java, C#, PHP, JavaScript, Lisp, Fortran, Haskell, Others

Posted 16 December 2014 - 09:29 AM

Actually, it IS strong if it's written on the bottom. If people have physical access to my wireless router, network access is no longer the problem. They can plug in an ethernet cable and be just as connected.


  • 1

Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog

My MineCraft server site: http://banishedwings.enjin.com/


#9 Pally

Pally

    CC Devotee

  • Senior Member
  • PipPipPipPipPipPip
  • 413 posts
  • Programming Language:C, Java, PHP, Python, PL/SQL, Assembly
  • Learning:C++, C#, Lisp, Scheme

Posted 21 December 2014 - 12:49 PM

I was taught in my computer security class the safest passwords are quote phrases with the person who said it and 1 or 2 unique characters

 

something like

 

"1ihaveadreamMartinLutherKing%"

 

the theory goes that user encouraged to use this format will create significantly longer,stronger passwords with minimal effort to remember them


  • 0
Your Friendly Neighborhood Pally

#10 WingedPanther73

WingedPanther73

    A spammer's worst nightmare

  • Moderator
  • 17757 posts
  • Location:Upstate, South Carolina
  • Programming Language:C, C++, PL/SQL, Delphi/Object Pascal, Pascal, Transact-SQL, Others
  • Learning:Java, C#, PHP, JavaScript, Lisp, Fortran, Haskell, Others

Posted 22 December 2014 - 05:36 AM

Pally, unfortunately, that becomes very easy for hackers to create a list of phrases/authors/characters and we're back at the same problem.


  • 0

Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog

My MineCraft server site: http://banishedwings.enjin.com/


#11 lespauled

lespauled

    CC Leader

  • Expert Member
  • PipPipPipPipPipPipPip
  • 1360 posts
  • Programming Language:C, C++, C#, JavaScript, PL/SQL, Delphi/Object Pascal, Visual Basic .NET, Pascal, Transact-SQL, Bash

Posted 22 December 2014 - 09:03 AM

you mean abc123 isn't a strong password?  :)


  • 0
My Blog: http://forum.codecal...699-blog-77241/
"Women and Music: I'm always amazed by other people's choices." - David Lee Roth

#12 WingedPanther73

WingedPanther73

    A spammer's worst nightmare

  • Moderator
  • 17757 posts
  • Location:Upstate, South Carolina
  • Programming Language:C, C++, PL/SQL, Delphi/Object Pascal, Pascal, Transact-SQL, Others
  • Learning:Java, C#, PHP, JavaScript, Lisp, Fortran, Haskell, Others

Posted 22 December 2014 - 09:07 AM

nope. use zyx987 instead.


  • 0

Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog

My MineCraft server site: http://banishedwings.enjin.com/





Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download