Just a reminder for everyone: when it comes to password strength, longer is generally better, as the XKCD comic suggests.
But there has been a lot of push-back lately against the use of words in passwords. Generally, users pick predictable words, such as company names, pet names, sports teams, seasons (“Summer2024!”), common phrases (“LetMeIn123”), common sayings ("what goes up must come down") or lyrics ("You say, 'Yes', I say, 'No'. You say, 'Stop' and I say, 'Go, go, go'. Oh, no!").
That exact phrase is now in every cracking dictionary. A dictionary attack is when an attacker tries passwords from a pre‑built list of likely strings, not just literal dictionary words.
Security depends on entropy, not just length. Randomness matters.
Great article: https://www.baekdal.com/trends/the-usability-of-passwords-faq
I created a new password generator as of 2026 that is banking compliant and has a high degree of entropy.
👉 Create a password that avoids repeated characters, excludes sequential patterns, and uses common symbols permitted by online‑banking security rules
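As an added illustration (not the generator linked above), here is one way to enforce the three rules just listed while keeping the draw random. The symbol set, the default length of 16, the reading of "repeated" as "no character used twice" and of "sequential" as three consecutive ascending or descending characters are all assumptions, since the post does not define them.

```python
import math
import secrets
import string

# Assumption: the page does not list the permitted symbols; this set is illustrative.
SYMBOLS = "!@#$%*-_+="
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS)
ALPHABET = "".join(CLASSES)


def has_sequence(pw, run=3):
    """True if pw has `run` consecutive ascending/descending characters (abc, 321), ignoring case."""
    codes = [ord(c) for c in pw.lower()]
    for i in range(len(codes) - run + 1):
        steps = {codes[j + 1] - codes[j] for j in range(i, i + run - 1)}
        if steps in ({1}, {-1}):
            return True
    return False


def violations(pw):
    """List the rules from the post that pw breaks (an empty list means it passes)."""
    found = []
    if len(set(pw)) != len(pw):
        found.append("repeated character")
    if has_sequence(pw):
        found.append("sequential pattern")
    if any(c not in ALPHABET for c in pw):
        found.append("character outside permitted set")
    if not all(any(c in cls for c in pw) for cls in CLASSES):
        found.append("missing character class")
    return found


def generate(length=16):
    """Draw without replacement from the OS CSPRNG, re-drawing until every rule passes."""
    if not 8 <= length <= len(ALPHABET):
        raise ValueError("length must be between 8 and the alphabet size")
    rng = secrets.SystemRandom()
    while True:
        pw = "".join(rng.sample(ALPHABET, length))
        if not violations(pw):
            return pw


def entropy_upper_bound_bits(length=16):
    """log2 of the number of repeat-free strings; the other rules trim this slightly."""
    return math.log2(math.perm(len(ALPHABET), length))
```

Re-drawing the whole password on a rule failure keeps every accepted password equally likely, which patching individual characters would not. The same `violations` check flags the predictable examples above, such as “Summer2024!” for its repeated characters.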
Source: https://xkcd.com/936/
Re: HashCat, an open-source password recovery tool, can now crack an 8 character Windows NTLM password hash in less than 2.5 hours.
