How strong is your urban password?

[cybertect]

two Finnish words joined with a punctuation mark

linus.torvalds should be excellent then?

 

[editor]

Welsh scattered with a few numbers and underscores is always good.

 

[Maurice Picarda]

Presumably the l33tly cunning plan of replacing i and o with 1 and 0 has been picked up on by the hacker community. All my passwords are weak, even the ones for banking and stuff.

 

[dada]

all lowercase - weak
with one cap - medium
numhers and caps - strong
what makes it best then?

 

[dlx1]

Welsh words

is there a Welsh dictionary cracker?

dyslexic passwords are strong as not in dictionary
unless using at letter at time cracker but that going to take time.

I use a letter a time on word doc it took 46hr pass was only 4 letters 1 number.

g0cha

all lowercase - weak
with one cap - medium
numhers and caps - strong
what makes it best then?

all of them

 

[FridgeMagnet]

Randomly-generated ASCII characters up to the limit of the allowed password length - and not just "press a few random keys", either, that will be predictable. For the best security you'd want to have it proper-random rather than pseudo-random and use something like www.random.org too.

 

[dada]

You do realise that site is stealing all your passwords!

LOL! yes.

 

[stdPikachu]

For the best security you'd want to have it proper-random rather than pseudo-random and use something like www.random.org too.

I use `pwgen -s 32 1` for all my passwords

 

[ChrisFilter]

medium

 

[Fez909]

Strong. I can't be arsed updating it to "best" as I've got more than 8 characters, upper and lower case, and numbers and symbols included already.

 

[Addy]

*fond memories of running L0phtcrack on a Banks NT4 domain flood back*

L0phtcrack...now that takes me back a bit

Problem with that check is that it doesn't consider that some websites wont allow certain characters to be used as a password, so what could be considered a fair password for the website concerned may show up as poor on the M$ check due to it doesn't contain ~#+=¦)(*&^%$£"!@:';?/>.<,|\¬ as part of the charactors in the password.

 

[Vash]

Its hard to remember more than one password. Do you use one password for everything or more than one for each site?

 

[Radar]

Its hard to remember more than one password. Do you use one password for everything or more than one for each site?

Use a password manager, there's loads of them out there. When I was running XP I used splashdata's SplashID, a great little program with automatic synching between PC and palm. Now I'm running linux I use a java based Password Manager, not as funky as SpashID but at least the developer acknowledged the possibility of life outside of windows and macos by using java With a cheapo sd dongle, you can bung everything (client and data) on a couple of Megs storage.

In general I have one generic password that I use for throwaway sites, and if I find myself going back there more than a couple of times then I'll generate a random one for it and use that instead.

 

[gnoriac]

Did anyone else ever use the password generator in VAX/VMS? It'd give you a bunch of words made up from 2 or 3 part-words, so while they weren't real words were pronounceable and thus not too hard to remember.
Not really strong enough for nowadays, but with a few extra goodies thrown in it could be a handy bit of gear.