Bad passwords are not fun and good entropy is always important (www.troyhunt.com)

submitted by troyhunt (831) 1 year, 1 month ago

A couple of different friends sent me over a link to an article about the usability of passwords this weekend, clearly thinking it would strike a chord. Well, let’s just say I was enthralled before I even finished the second line:

"Security companies and IT people constantly tells us that we should use complex and difficult passwords. This is bad advice"

The crux of the article is that so long as a password is sufficiently long – the example used is “this is fun” – you’re pretty damn secure (apparently 11 characters is just right). Actually, the term used was "secure forever". Wow, two pretty absolute terms. So let’s take a look at these and apply a bit of objective analysis to see if they hold water.

Does a brute force attack really only run at 100 attempts per second? Is "this is fun" really 10 times more secure than "J4fS<2"? Do rainbow tables really work by an attacker copying and pasting a hash into a website? Are bad password management practices on the server really not your problem?
