Comments on: Password Complexity

By: crashsystems

crashsystems — Tue, 19 Aug 2008 02:44:24 +0000

I found a very good article breaking down the math for passphrase strength, and while reading it thought of this blog post. I've posted the link below. http://www.iusmentis.com/security/passphrasefaq/

By: Jarvis

Jarvis — Tue, 10 Jun 2008 01:25:20 +0000

First a password generator does exactly that…spits out a string of characters…that you will never be able to consistently remember correctly. The point to the article (and my post) is that a string of words is easy to remember and gives you the added security because of the overall length of the password. And as far as a password generator spitting out a series of words…you will be much more likely to remember your own series of words.

One type of password that I have used on some of my accounts is to use a portion of a Bible verse. So, I could take John 3:16 (probably the best known Bible verse) which reads “For God so loved the world that he gave his one and only Son, that whoever believes in him shall not perish but have eternal life.” I will always be able to refer to the verse if I forget the password. I then take just a part of the verse and make the password something like “ForGodsolovedtheworld”. Bingo…I have a 21 character password that I can easily remember.

By: Petur Williams

Petur Williams — Tue, 10 Jun 2008 00:58:24 +0000

if the people who know about making passwords secure know that using three or four separate words in a line rather than just stringing together nonsense in upper and lower case alpha numerics is more secure why won’t most password generating software let you do that? My experience is that password generators usually want a single string of characters.

By: Password Complexity - Rod Trent at myITforum.com

Password Complexity - Rod Trent at myITforum.com — Thu, 05 Jun 2008 15:49:16 +0000

[...] http://verbalprocessor.com/2008/06/03/password-complexity/ [...]

By: Great Password Complexity vs. Pass Phrase Post « Tim’s Whiteboard

Great Password Complexity vs. Pass Phrase Post « Tim’s Whiteboard — Wed, 04 Jun 2008 22:03:40 +0000

[...] A very good friend of mine recently posted a great password complexity vs pass phrase article here. That agrees with something I have said for a very long time. I read it first in a series of [...]

By: Jarvis

Jarvis — Wed, 04 Jun 2008 20:26:52 +0000

Yep…I used to think the same thing. And ten years ago, that wasn’t bad thinking. Back then, a shorter PW with four character sets was very secure. But especially with the advent of rainbow tables, that is very different now. Length is your ONLY protection from a rainbow crack.

By: El Cabong

El Cabong — Wed, 04 Jun 2008 20:18:53 +0000

This is a VERY illuminating article. I’m a network/systems administrator and I’ve always assumed that any combination of upper, lower, number, and special character is bullet proof. Now I can use long passwords that are easier to remember! Excellent tip, thanks.

By: crashsystems

crashsystems — Wed, 04 Jun 2008 04:25:23 +0000

Good point you have there. I always knew that length was important, but I didn't realize it was that important. It does make sense though.