Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Is Your Password Strong ?

09 Apr 2010   #31
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 

Hi there.

The EASY way to defeat most brute force attacks is not necessarily to scramble up your password to something indecipherable but to keep a SIMPLE password but prefix it with a SPECIAL CHARACTER and possible insert another special character somewhere else in the string.

Put the special character at the START of the string -- even the most mathematically challenged amongst you can see that this will add ZILLIONS of combinations a "Brute Force" attack needs to go through -- and with modern equipment available to even a sophisticated hacker the time taken to decrypt a decent length password will be longer than the approximate future lifetime of the sun (around another 10 billion years or so).

Brute Force password attacks usually can't handle special characters very well.

Use something like a NOT sign ¬ an ! exclamation sign or a couple of characters from another language set such as the Icelandic þ and ð or - use Russian or Turkish or whatever.

This simple trick will defeat most password cracking schemes even brute force ones.

Incidentally I'm suprised that in the 100 worst password lists these two weren't even mentioned --- PA55WORD and ADMINISTRATOR -- I'm surprised at the number of computer installations where server passwords STILL haven't been changed from the default installation.

Encryption theory will confirm that it's FAR FAR harder to get the plaintext (i.e decrypt a password) from ANY string containing at least one special character - especially if the special character is the IST character in the password than from a random string of "normal" chars and numbers such as floR78BKtsq.

Cheers
jimbo


My System SpecsSystem Spec
.
09 Apr 2010   #32
tw33k

Windows 7 Ultimate (x64) SP1
 
 

I use Secure Login, a Firefox add-on, so I only have to enter my password once and then use it to log in
My System SpecsSystem Spec
09 Apr 2010   #33
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Thanks tw33k and Darryl.

Quote:
Ahhhhh....No. I am not typing my password in there for a check. Now Microsoft knows my password. You have to be kidding.
You are kidding, I hope WindowsStar.
My System SpecsSystem Spec
.

09 Apr 2010   #34
NecroGnomezZz

Win7-ULT-x64-(All 5 PC's, 3 DSKTP's, 2 LPTP's)
 
 
No, Never The Same Password EVER

No I would never suggest using the same password EVER, sorry if i was mistaken by what I put in earlier message. But i have always used variations of my password system and never have had any negative breaches...

P.S. Any passwords I type for My Windows 7 accounts are totally different from those I use online, that's a must indeed, So no problem...
At any rate, a risk is taken when typing in anything now isn't it? But so long as one is secure as possible, well then that's a plus in itself. For the important stuff, personal data stored locally, It is a good thing to have alot more than a password to protect it.

For example if You have personal data that you in NO WAY WANT Intruder(s) to to get access to, I would suggest (as an example) doing all these yes (ALL) to protect it. That way (god forbid) somehow your password gets taken, You can rely on say "Serpentine" 256Bit data encryption that uses a keyfile (kept securely on a device Such as Your USB Pendrive) as well...

For example...

(Personals (compressed w/Password)/and 256bit Encrypted w/keyfile needed/as well as multi-level security for system, files/folders on PC) This is one variation of security that works for me quite well.<<<

You type a password and Microsoft will know Your password? Hmmm, No i don't think so. first off why would they want it, second off they only collect data they have to, otherwise they would be outta business my friend. Billionaire companies have little use for folks passwords; besides they have a little more to do than to steal from their income source, Even though pc software pricing may be high and one might think the other way around :LOL (MOST ARE LEGIT, There are always suspects to consider but hey stay protected if Your unsure then You can rest easier. Anyway The above example (in part, and mostly as a whole) has worked for me since I first started using a PC back in 1982 so, Hope this helps!

Oh and most passwords cannot include anything others than A-Z/a-z/0-9 as text FYI, So using cryptic codes cannot be possible with most...

Enjoy and Hope This Helps!

P.S. By The Way Just A Thought;

The SYSTEM that uses the data is KEY, because say someone gets my bank info, I am not worried whatsoever because they have security enough to imprision that person if they say empty my account via my CC#. My bank reimburses me 100%, the convict goes to prison, and even if the person is not caught I still get reimbursed because the data will not only show I did not withdrawal the funds, and banking system shows the transaction details and video of them...!, AND SO,

All is well and good in the Land Once Again...-=8^)~CheerzZz...<(___)~
My System SpecsSystem Spec
09 Apr 2010   #35
WindowsStar

Windows 7 Enterprise (x64); Windows Server 2008 R2 (x64)
 
 

Quote   Quote: Originally Posted by Corrine View Post
Thanks tw33k and Darryl.

Quote:
Ahhhhh....No. I am not typing my password in there for a check. Now Microsoft knows my password. You have to be kidding.
You are kidding, I hope WindowsStar.
Yes it is a joke, but also being serious too, people should use caution. I would hope people don't go to random websites and type in their password for testing. I could setup a testing website and then capture everyone’s passwords. Social Engineering is the best way to gain access to whatever you want.
My System SpecsSystem Spec
09 Apr 2010   #36
WindowsStar

Windows 7 Enterprise (x64); Windows Server 2008 R2 (x64)
 
 

Quote   Quote: Originally Posted by Corrine View Post

KeePass Password Safe is a safe password manager.
Awesome software and wonderful developers. They added a major feature for me even though it took months to do. I highly recommend.
My System SpecsSystem Spec
09 Apr 2010   #37
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Quote   Quote: Originally Posted by WindowsStar View Post
Yes it is a joke, but also being serious too, people should use caution. I would hope people don't go to random websites and type in their password for testing. I could setup a testing website and then capture everyone’s passwords. Social Engineering is the best way to gain access to whatever you want.
Whew.

Excellent advice. You are so right about social engineering. We humans seem to be very gullible creatures.
My System SpecsSystem Spec
09 Apr 2010   #38
WindowsStar

Windows 7 Enterprise (x64); Windows Server 2008 R2 (x64)
 
 

Quote   Quote: Originally Posted by Corrine View Post
Quote   Quote: Originally Posted by WindowsStar View Post
Yes it is a joke, but also being serious too, people should use caution. I would hope people don't go to random websites and type in their password for testing. I could setup a testing website and then capture everyone’s passwords. Social Engineering is the best way to gain access to whatever you want.
Whew.

Excellent advice. You are so right about social engineering. We humans seem to be very gullible creatures.
We sure are; you don't want to even know how well this works. Since I am in the IT field I test this on every vacation. Most of the time I walk into a building and go right to the first desk, reception, information etc. and Say "Hi I am Bill Smith from IT I was told Kathy, Kim or Karen was having a problem with accessing the network and I need to get access to a computer and check things out." From there it goes many ways but typically I am given access to an office where the person is out for the day and they have dialed up someone on the phone to help me with passwords!!! Amazing!!! I never do anything harmful but I do make sure I get the names of the employees and then I make a phone call later to talk to their IT manager and explain that their policies and security needs to be changed or updated and some training and education on Social Engineering needs to be provided. I have been hired several times to do much better audit checks later or for a sub company.
My System SpecsSystem Spec
10 Apr 2010   #39
Darryl Licht

Windows 7 Ultimate 64 bit Steve Ballmer Signature Edition
 
 

Quote   Quote: Originally Posted by WindowsStar View Post
Yes it is a joke, but also being serious too...
Aren't they mutually exclusive?

My System SpecsSystem Spec
10 Apr 2010   #40
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 

Hi all
just forgive me from being slightly sceptical here -- but why would you EVER use 3rd party or ANY software to create a password for you.

At the very least the software designers would know the algorithm and therefore be able to reverse engineer it.

Maybe in 99.99% of cases these people would be legitimate and kosher -- but there are ALWAYS the odd one or two ---- everybody has their price unfortunately.

If you need a password create it YOURSELF and do what I suggested -- add special characters.

Cheers
jimbo
My System SpecsSystem Spec
Reply

 Is Your Password Strong ?




Thread Tools




Similar help and support threads
Thread Forum
Chrome, Firefox and IE render <strong></strong> and <b></b> as normal
This is an issue I've been struggling with for several weeks. I have reviewed all fonts and believe all necessary fonts are available. I do not have Lucida Grand, but I have Lucida Sans, Arial and Verdana. Browsers Chrome, Firefox and IE all render <strong></strong> or <b></b> as normal text -...
Browsers & Mail
How strong is your password?
In this age where password and password security are becoming more and more important, how secure is yours? For example, here is the result of my Forums password (blanked out for security reasons): It can also be used for usernames as well as passwords. A strong username/password should...
System Security
How strong is your password?
Some of mine aren't up to par :shock: Test yours https://www.microsoft.com/security/online-p...rd-checker.aspx
System Security
Windows live essentials do not support strong password!
Hi all, I had changed my live account password and tryed to login some times but it could not login. i searched about this problem but i could not find helpful instruction. Today, i saw that Windows live essentials do not support strong (more than 16 words and numbers) password. i can not...
Browsers & Mail


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:58.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App