Thread: ; TOT; Piggin passwords
View Single Post
  #72   Report Post  
Posted to uk.d-i-y
The Natural Philosopher[_2_] The Natural Philosopher[_2_] is offline
external usenet poster
  
Posts: 39,563
Default ; TOT; Piggin passwords
On 10/02/16 16:08, Jethro_uk wrote:
On Wed, 10 Feb 2016 15:52:36 +0000, dennis@home wrote:

On 10/02/2016 00:30, T i m wrote:

Oh, and they even contacted me because 'Some of the passwords would be
easy to guess' ... like L10nKing$ Like why? The owner of that account
wasn't into Disney, lions, kings or even had kids!

Any password that is on a password list is likely to be easy.
You can download such lists so you can crack poorly implemented sites,
etc.

The chances of anyone guessing say two words and a number concatenated
within the three or so tries a secure site should allow are pretty low
without needing any specials.

Now if its a password for say a document, where they can take as long as
they like to crack it, its a different matter.

The problem is, if the attackers get unfettered access to the database
(as has happened a lot) then they also have all the time in the world to
crack the encrypted passwords.


But that may in fact be still an impossible task.

I had occasion to actually use salted hashes, and no two salted hashes
of the same password are the same..

https://en.wikipedia.org/wiki/Salt_%28cryptography%29

That's *if* they were encrypted. Goodness knows how many websites store
passwords in plaintext (underscoring my point previously that once you
press "enter" you have no idea what happens to your password).

Not many for anything important. however there are many that use old,
short key but 'library' password routines.

The problem with the big Adobe style hacks, is that access to very
little imporantinfo on yer adobe account, becomes a huge issue if you
have the same username and password on a really important site, like
your bank or something



--
If you tell a lie big enough and keep repeating it, people will
eventually come to believe it. The lie can be maintained only for such
time as the State can shield the people from the political, economic
and/or military consequences of the lie. It thus becomes vitally
important for the State to use all of its powers to repress dissent, for
the truth is the mortal enemy of the lie, and thus by extension, the
truth is the greatest enemy of the State.

Joseph Goebbels



Reply With QuoteReply With Quote