#31
Hi there.
The EASY way to defeat most brute force attacks is not necessarily to scramble up your password to something indecipherable but to keep a SIMPLE password but prefix it with a SPECIAL CHARACTER and possibly insert another special character somewhere else in the string.
Put the special character at the START of the string -- even the most mathematically challenged amongst you can see that this will add ZILLIONS of combinations a "Brute Force" attack needs to go through -- and with modern equipment available to even a sophisticated hacker the time taken to decrypt a decent length password will be longer than the approximate future lifetime of the sun (around another 10 billion years or so).
Brute Force password attacks usually can't handle special characters very well.
Use something like a NOT sign ¬, an ! exclamation sign, or a couple of characters from another language set such as the Icelandic þ and ð, or use Russian or Turkish or whatever.
This simple trick will defeat most password cracking schemes even brute force ones.
Incidentally I'm surprised that in the 100 worst password lists these two weren't even mentioned --- PA55WORD and ADMINISTRATOR -- I'm surprised at the number of computer installations where server passwords STILL haven't been changed from the default installation.
Encryption theory will confirm that it's FAR FAR harder to get the plaintext (i.e. decrypt a password) from ANY string containing at least one special character - especially if the special character is the 1ST character in the password - than from a random string of "normal" chars and numbers such as floR78BKtsq.
Cheers
jimbo