Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Password Protection

  • 31-03-2010 1:50pm
    #1
    Registered Users, Registered Users 2 Posts: 86,729 ✭✭✭✭


    This article was a good read and seem modestly relevant to past events.

    If you have a strong password, theres not much to fear about anything in the article, which is aimed at teaching you why you need to create a strong password - not how to crack passwords.

    My password, According to this chart, would take untold millenia to brute-force the password with today's technology. If Google devoted all of its resources to a brute force attack, it could get it done just 1000x faster, according to this source. But still, Millenia.

    http://lifehacker.com/5505400/how-id-hack-your-weak-passwords
    Follow my logic:
    • You probably use the same password for lots of stuff right?
    • Some sites you access such as your Bank or work VPN probably have pretty decent security, so I'm not going to attack them.
    • However, other sites like the Hallmark e-mail greeting cards site, an online forum you frequent, or an e-commerce site you've shopped at might not be as well prepared. So those are the ones I'd work on.
    • So, all we have to do now is unleash Brutus, wwwhack, or THC Hydra on their server with instructions to try say 10,000 (or 100,000 – whatever makes you happy) different usernames and passwords as fast as possible.
    • Once we've got several login+password pairings we can then go back and test them on targeted sites.
    • But wait… How do I know which bank you use and what your login ID is for the sites you frequent? All those cookies are simply stored, unencrypted and nicely named, in your Web browser's cache. (Read this post to remedy that problem.)

    500x_password_hacking_times-1.jpg

    Dictionary Words/Names are big no no as well.

    So how strong did you think your password was?
    Post edited by Shield on


Comments

  • Moderators, Arts Moderators Posts: 35,731 Mod ✭✭✭✭pickarooney




  • Moderators, Technology & Internet Moderators, Regional South East Moderators Posts: 28,536 Mod ✭✭✭✭Cabaal


    Given my password is 23 chars long, includes letters numbers and symbols good luck to everyone :)

    It pisses me off thast BOI have such pathetic weak online security for banking 365


  • Registered Users, Registered Users 2 Posts: 6,441 ✭✭✭jhegarty


    Is it Fdff48Rf#uiaos*nsyrhlPl ?


  • Closed Accounts Posts: 17,208 ✭✭✭✭aidan_walsh


    jhegarty wrote: »
    Is it Fdff48Rf#uiaos*nsyrhlPl ?
    It's actually BBBABBBBBBBAABBAABABBB.

    He thought he was being clever hiding it in plain sight.


Advertisement