Computer Room Thread, How good are your passwords?

I found this a bit of a shock.

How Secure Is My Password?

Time to hack my passwords varied from 1 minute to 10 days.

Interesting, one of my passwords says 3 hours, the other one says 169 days!!!!

I'm always a bit unhappy at typing my passwords into anywhere but the site they were created for ..but I know some of them aren't good without the test. Any financial ones are quite strong but others could do with changing.

I think some of the trouble is that many of us tend to use passwords with proper names or words in them. These are apparently not very difficult to hack. Changing passwords for something a bit more random in their construction decreases the chances of passwords being hacked considerably. For instance, a password such as 'doggiename57' is going to be a lot easier to hack than a random string of letters and numbers such as: 'CFo5Znvr928x' (this much more secure password was generated by LastPass).

Of course it's important to copy and paste random character passwords into a file somewhere because they can't possibly be remembered by a human brain. They can be remembered by Password Managers but even so, it's best to carefully store them somewhere else as well. Then they can be copied and pasted into password fields if it ever becomes necessary.

I came across this idea for carrying passwords around a while ago:

Password Card

The idea is that the card on the right of the page is printed out and cut out. Laminated as well if you have the means. Notice the symbols at the top of the card. Follow the columns of numbers below the symbols and these give secure passwords with 8 characters. So, you assign a symbol to a password needed for whatever purpose, follow the column down and type the characters into the password field. This way, you only need to remember what symbol you gave the site and not the complicated secure password. A clever idea I thought.

The card changes each time you visit the page or there is a means of changing the card to a different combination of characters. It doesn't even matter if you lose the card because nobody but you will be able to make sense of it. Also, if the card does become lost, each card is given a unique number. This number can be typed in on the site to get the same card re-printed.

My best gets this assessment: It would take
About 9 quadrillion years.

Originally Posted by John o Wirral

I found this a bit of a shock.

How Secure Is My Password?

Time to hack my passwords varied from 1 minute to 10 days.

... and now having published them to the web, you 'd be very wise to change them.

[QUOTE=John o Wirral;389739]I found this a bit of a shock.

The mind boggles that people post their passwords on the web

If anyone has done this I would take note of GANDALF`s advice
and change it before something nasty happens.

I have done. I was just interested to see how good they were. I'd followed the general rules of using a mix of letters in uppe4 and lower case and including numbers but they clearly weren't as good as I though.

I simply posted the link for people to try out if they wanted to and thought it would be self evident to update them afterwards. Thank you both for highlighting it.

Originally Posted by Gandalf

... and now having published them to the web, you 'd be very wise to change them.

Done! but out of interest I've also checked some that could although haven't be used by me.

I just put in the fictitious random password mentioned in my post above. This is all I'd ever do for a test site. It said it would take 408 thousand years to crack, although a lucky guess might do it. If it's that good, I think this is the one I should use for everything now.

A large proportion of email hacks are not done by guessing the password, rather by pretending to be a message from their email provider asking them to enter their password.
It amazes me just how many of my friends and relatives have fallen for this.