PDA

View Full Version : Change your passwords now! Reason ...



Truthseeker
02-26-2014, 06:24 PM
A giant cache of passwords, email addresses, etc. was discovered. Useful for criminal purposes. So, I'm sorry, but you have to change your passwords.

Pinoy
02-26-2014, 06:25 PM
Password in?

Truthseeker
02-26-2014, 06:28 PM
Password in?:huh: I guess the answer is, change all your important passwords.

Outis
02-26-2014, 06:33 PM
A giant cache of passwords, email addresses, etc. was discovered. Useful for criminal purposes. So, I'm sorry, but you have to change your passwords.

Source?

Truthseeker
02-26-2014, 06:45 PM
Oh, sorry. Source
http://www.bbc.com/news/technology-26351123

Irate Canadian
02-26-2014, 06:51 PM
Here are some tips:
http://imgs.xkcd.com/comics/password_strength.png

Cow Poke
02-27-2014, 04:31 AM
my password is *********

I'm not changing it.

Chrawnus
02-27-2014, 05:58 AM
my password is *********

I'm not changing it.

:shocked:

That's almost the same password as mine! :stunned:

Sparko
02-27-2014, 07:03 AM
"Bacon" is a good password, right?

Sparko
02-27-2014, 07:07 AM
oh great, stuff like this just creates another phishing opportunity as hackers send out emails telling you that your password has been hacked and you need to change it by clicking on their link. It never ends.

KingsGambit
02-27-2014, 07:26 AM
I DIDN'T change my password. I'm a baaaaaaad man.

Outis
02-27-2014, 08:15 AM
I DIDN'T change my password. I'm a baaaaaaad man.

I noticed. Oh, and I dumped your spam folder while I was logged in. :wink:

Truthseeker
02-27-2014, 11:32 AM
Go ahead and laugh and not change your passwords. I changed some of mine. A score yet to change.

Sparko
02-27-2014, 11:47 AM
let me guess. all of your passwords are now "Grassy Knoll" right?

Outis
02-27-2014, 11:54 AM
let me guess. all of your passwords are now "Grassy Knoll" right?

MKUltra.

Sparko
02-27-2014, 11:58 AM
MKUltra.
or Mercola.

Outis
02-27-2014, 12:33 PM
or Mercola.

Ha! They have the same phonemes. IT'S ALL A PLOT!

RBerman
02-27-2014, 12:58 PM
Here are some tips:
http://imgs.xkcd.com/comics/password_strength.png

I wonder... are there really "44 bits of entropy" in such a password? If passwords like this are common, then surely hackers will try word combinations from the dictionary first, lowering the number of combinations to X^4, where X is the number of words in the dictionary. That's much less than 2^44.

Sparko
02-27-2014, 01:15 PM
Here is how I set my password. First I take my first name, spell it backwards, convert it to binary and divide by 20 and convert it back to ascii text. Then I add the first and last 2 digits of my social security number, subtract my last 2 digits of my phone number, convert all "a"s into "@" then append my favorite fruit's name and finally, I add in my birth year...

then when I have all that, I set my password to "bacon"

Catholicity
02-27-2014, 01:27 PM
considering that none of mine are tied to bank credit card or bill activity.....good luck with that.

Irate Canadian
02-27-2014, 02:17 PM
I wonder... are there really "44 bits of entropy" in such a password? If passwords like this are common, then surely hackers will try word combinations from the dictionary first, lowering the number of combinations to X^4, where X is the number of words in the dictionary. That's much less than 2^44.

When I inputted Randal's password,this is the specifications it gave me:
Length: 19 characters
Character Combinations: 26
Calculations Per Second: 4 billion
Possible Combinations: 766 septillion

Raphael
02-27-2014, 02:20 PM
Here are some tips:
http://imgs.xkcd.com/comics/password_strength.png
The only problem with that one has always been the people who thought: that's a good idea, and then set their password to "correct horse battery staple"

Outis
02-27-2014, 02:20 PM
When I inputted Randal's password,this is the specifications it gave me:
Length: 19 characters
Character Combinations: 26
Calculations Per Second: 4 billion
Possible Combinations: 766 septillion

However, the tool you're using is measuring letter combinations. RBerman is correct as far as word combinations: a brute-force dictionary attack would be problematically easy, because of the relative ease of dictionary attacks.

And as Randall notes in the alt text, if the attacker can get the hash table, it's even easier.

Sparko
02-28-2014, 05:07 AM
However, the tool you're using is measuring letter combinations. RBerman is correct as far as word combinations: a brute-force dictionary attack would be problematically easy, because of the relative ease of dictionary attacks.

And as Randall notes in the alt text, if the attacker can get the hash table, it's even easier.

I think a much better password would be to think of an easy to remember sentence or phrase, then take the first letter of each word for the password, and stick a couple of numbers at the beginning or end. Then to anyone else it is just a random alphanumeric password, but easy for you to remember.

Eric Schmidt
02-28-2014, 05:24 PM
I wonder... are there really "44 bits of entropy" in such a password? If passwords like this are common, then surely hackers will try word combinations from the dictionary first, lowering the number of combinations to X^4, where X is the number of words in the dictionary. That's much less than 2^44.

On the contrary, most dictionaries have far more than 2^11 = 2048 words.

rogue06
02-28-2014, 11:38 PM
my password is *********

I'm not changing it.
Like the old joke about the little kid running up to his older siblings and saying "I know what Daddy's password is. It's asterisk, asterisk, asterisk, asterisk, asterisk."

rogue06
02-28-2014, 11:39 PM
let me guess. all of your passwords are now "Grassy Knoll" right?
Or "anti-vac"

Irate Canadian
03-01-2014, 08:09 AM
And as Randall notes in the alt text, if the attacker can get the hash table, it's even easier.

That's true as far as hash tables created with MD5 hashing. If the group that lost the hash table used something like the BCrypt algorithm, it would take a long,long time to crack the hashes. The problem is most sites use MD5 to store passwords and that allows hackers to easily crack passwords as soon as they get the hash table.

Outis
03-01-2014, 08:14 AM
That's true as far as hash tables created with MD5 hashing. If the group that lost the hash table used something like the BCrypt algorithm, it would take a long,long time to crack the hashes. The problem is most sites use MD5 to store passwords and that allows hackers to easily crack passwords as soon as they get the hash table.

True, but how many pre-packaged websites use BCrypt? Even VB uses MD5, if I remember correctly, and folks like me simply don't have the coding know-how to substitute a better cypher suite.

Irate Canadian
03-01-2014, 08:41 AM
True, but how many pre-packaged websites use BCrypt? Even VB uses MD5, if I remember correctly, and folks like me simply don't have the coding know-how to substitute a better cypher suite.

There are so many libraries out there using BCrypt. The problem is people aren't willing to hash passwords properly.

Truthseeker
03-01-2014, 12:39 PM
Sparko surely has a low opinion of my intelligence. Because I believe there are conspiracies and he thinks not one exists? Nothing but lone wolves.

Outis
03-01-2014, 12:43 PM
Sparko surely has a low opinion of my intelligence. Because I believe there are conspiracies and he thinks not one exists? Nothing but lone wolves.
I know there are conspiracies. My problem is you blame the lone wolf activities on conspiracies, and then follow rumors as if they were established facts.

Sparko
03-02-2014, 06:46 AM
Sparko surely has a low opinion of my intelligence. Because I believe there are conspiracies and he thinks not one exists? Nothing but lone wolves. No actually I think you are very intelligent and that there are conspiracies. But you are very gullible and believe in the most idiotic conspiracies.

Truthseeker
03-02-2014, 08:56 AM
That may actually be a compliment considering that Sparko fell for the Warren Commission Report, hook, sinker, line. I think the Commission is at bottom a conspiracy against the public. Ironic, Sparko fooled by a conspiracy.

Sparko
03-03-2014, 05:15 AM
That may actually be a compliment considering that Sparko fell for the Warren Commission Report, hook, sinker, line. I think the Commission is at bottom a conspiracy against the public. Ironic, Sparko fooled by a conspiracy.

Well if Dee Dee wrote it then I believe it!

RBerman
03-03-2014, 05:59 AM
On the contrary, most dictionaries have far more than 2^11 = 2048 words

True enough. I'm not clear where the "11" comes from, though. Is he assuming that each word can have up to 11 letters? If so, why is it 2^11 instead of 26^11? The longest word in his example has seven letters.

shunyadragon
03-03-2014, 03:23 PM
The wolves are puppets. It is the Coywolves that are in control.

Truthseeker
03-03-2014, 04:27 PM
passwordcanbemashedupandincludethenamesparkofurthe rmoreheisaninny

Sparko
03-04-2014, 05:56 AM
passwordcanbemashedupandincludethenamesparkofurthe rmoreheisaninny

don't forget to add "JFK was killed by Elvis alien probe" to that.

Oh and I think I gave this link to you before but since Tweb crashed (obviously a conspiracy put together by alien chipmunks) here it is again.

The Universal Conspiracy Generator
http://ddparodies.com/universalconspiracy.shtml

Here is the one it gave me:
Venusians will attempt to steal the Crown Jewels by using bellybutton lint to take over the world. They have cloned Elvis in order to sell newspapers to dead rabbits.

Sounds about right.

Truthseeker
03-04-2014, 10:57 AM
Is there anyone who thinks Sparko can prove the existence of Venusians or at least give us evidence?

Sparko
03-04-2014, 11:19 AM
Is there anyone who thinks Sparko can prove the existence of Venusians or at least give us evidence?Sure. I believe he can give you evidence of Venusians. I guess that means it really IS a conspiracy!

Raphael
03-04-2014, 12:17 PM
I thought women were from Venus.

Sparko
03-04-2014, 12:30 PM
I thought women were from Venus.eggsaktly. Which is evidence. Thank you very much. After all if it wasn't true, then they wouldn't have wrote a book about it!

And what's up with all those clouds around venus? They obviously have something to hide if they cover their entire planet with clouds. And how can they hide anything if they don't exist in the first place? MORE Evidence that venusians exist!

and let's not forget we have photographic evidence of them.

http://40qx6d15vq6j25i83v3ks8nxfux.wpengine.netdna-cdn.com/files/2013/01/queenOfOuterSpace_screenshot.jpeg

Truthseeker
03-04-2014, 04:45 PM
eggsaktly. Which is evidence. Thank you very much. After all if it wasn't true, then they wouldn't have wrote a book about it!

And what's up with all those clouds around venus? They obviously have something to hide if they cover their entire planet with clouds. And how can they hide anything if they don't exist in the first place? MORE Evidence that venusians exist!

and let's not forget we have photographic evidence of them.

http://40qx6d15vq6j25i83v3ks8nxfux.wpengine.netdna-cdn.com/files/2013/01/queenOfOuterSpace_screenshot.jpegThe picture could not have been made on Venus. Nor Mars. It looks like a Hollywood set.

Sparko
03-05-2014, 05:22 AM
The picture could not have been made on Venus. Nor Mars. It looks like a Hollywood set.

right. Like they have hollywood on Venus! :ahem:

LOL. Boy are you gullible. That is the evidence you asked for. Life on Venus. In fact it is part of a documentary filmed on location when earthmen first went to venus.

Truthseeker
03-05-2014, 11:55 AM
Congratulations, Sparko! By discrediting my judgment, you've prevented people changing their passwords. More insecurity. More zombie computers.

Irate Canadian
03-05-2014, 12:01 PM
Congratulations, Sparko! By discrediting my judgment, you've prevented people changing their passwords. More insecurity. More zombie computers.

:doh:

Hackers can't use the passwords to make a botnet,they can only use it to steal information about users...

Sparko
03-05-2014, 12:14 PM
Congratulations, Sparko! By discrediting my judgment, you've prevented people changing their passwords. More insecurity. More zombie computers.

Excellent!

My evil conspiracy has come to fruition!

http://img2.wikia.nocookie.net/__cb20100702150413/simpsons/images/6/6a/Mr_Burns_evil.gif

Epoetker
03-06-2014, 10:58 AM
http://25.media.tumblr.com/8c9bc739d3840289b960d8e2ba61c2ad/tumblr_mrv0mcY2XS1qil3kvo1_1280.png

KingsGambit
03-06-2014, 12:52 PM
My master password is ************.

Truthseeker
03-06-2014, 01:53 PM
:doh:

Hackers can't use the passwords to make a botnet,they can only use it to steal information about users...You are thinking there is no such thing as a zombie computer?

Truthseeker
03-06-2014, 01:58 PM
Excellent!

My evil conspiracy has come to fruition!

http://img2.wikia.nocookie.net/__cb20100702150413/simpsons/images/6/6a/Mr_Burns_evil.gifThat reminds me of Hillary Clinton calling Putin Hitler. IMO she is more Hitler than Putin is. Did you see that video of her gloating over Qaddafi's death?

Irate Canadian
03-06-2014, 03:17 PM
You are thinking there is no such thing as a zombie computer?

I never said that..I said the info gained from breaches wouldn't be useful for breaking into a computer,rather it would be used for illicit financial gain..