[colug-432] password survey
Rob Funk
rfunk at funknet.net
Fri May 23 19:31:12 EDT 2014
On Friday, May 23, 2014 07:11:27 PM Bill Baker wrote:
> I don't know about that. According to howsecureismypassword.net, it
> would take a desktop PC about a tresvigintillion years to crack that
> password. Plus, Randall Munroe pointed out at http://xkcd.com/936/ that
> a password consisting of four random dictionary words would take a long
> time for a computer to guess. So nine would presumably take even longer.
A few years ago (probably even when Judd's friend's joke was invented) I
would've been right there with ya. But your information is out of date. Ars
Technica has done a bunch of good articles about why and how, e.g.:
http://arstechnica.com/security/2013/08/thereisnofatebutwhatwemake-turbo-charged-cracking-comes-to-long-passwords/
http://arstechnica.com/security/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/ (in-depth, and references that XKCD)
http://arstechnica.com/security/2012/08/passwords-under-assault/
http://arstechnica.com/security/2013/07/how-elite-security-ninjas-choose-and-safeguard-their-passwords/
--
Rob Funk
http://funknet.net/rfunk
More information about the colug-432
mailing list