Thread created automatically to discuss a document in CD-Media.
Basic Password Security by: Don Rotolo
Brief tutorial on creating a secure password system
The need for password security is explained. A simple and flexible but very powerful system for creating very strong passwords is presented. A method to ensure no two passwords are the same, while making each password easily memorized, is given. Anyone who uses passwords should read this!
brings up some good points. i personally have a weak password for all the sites that do not matter as much but i have a stronger form of it (using capitalization and numbers) for the websites like my email and stuff like that. i think i will change them.
The problem of having a basic password with variations based on the site, account, etc is that some sites have their own rules for passwords. It must be exactly X characters long or some other such restriction. I like the concept though - I sure have difficulty remembering all my passwords when I go to pay my monthly bills online.
I’ve been using the same password since I started the internet and my father gave me my first E-mail account. Than for gaming i started using another set of passwords due to security reasons. I think now that I have quit gaming I need to mod up my regular passwords. I like the ‘system’ you mentioned. Its a great idea, and even if you have a ‘core’ word and you don’t modify it between sites, at least remember there are different types of security involved with different types of sites. Although even if somebody gets your password on CD they can ruin your name, most of us might know who you are, or we have logs to check. But certain sites have strict systems of instant banning and at that, for many sites it is hard to vouch who you really are in the first place. And than don’t get me started on your banks and other VERY important passwords. Those should be a class all of their own and should never be copied anywhere. That might be part of my system if I get tired of 100000 passwords: three or four levels of security requiring different types of passwords. EX: L1 - Same pass, L2 - Different but similar, L3 - Different, no link what so ever.
Also keep in mind that although it has been common for gaming and clans, there has been an exponential increase in the amount of brute force programs being created and being used, so keep that in mind next time you make your password, characters like "Æ, æ, ™ " are not usually put in those algorithms. For more information on ALT + NUM keys click here.**
I personally prefer using a md5 hash of an md5 hash of a word for my passwords. Yes, bit harder to memorize, but quite difficult to crack.
Such as, the md5 of “test”
The md5 of that:
i may try doing that. sounds like fun memorizing hashes.
also i set up a website one time and when i went into phpmyadmin to look at the user table. the passwords were in PLAIN TEXT:eek:. that means that any admin or even a hacker that got access to that table in the database would have all of the user names, passwords, emails etc of the users. anyway i decided to not use that script for the login.