The Powder Toy

Heartbleed Bug

  • CeeJayBee     18th Apr 2014 Member 0 Permalink
    @wolfy1339 (View Post)
    Fixed it. Repeatedly cleared my history and cache and kept resetting passwords. Works now :P

    EDIT: That was me by the way :P
  • h4zardz1     19th Apr 2014 Member 0 Permalink
    @OC39648 (View Post)
    that is more than forever.....
    @wolfy1339 (View Post)
    for what?
    @CeeJayBee (View Post)
    oh, if you forgot your password, that is for alt?

  • xetalim     19th Apr 2014 Member 0 Permalink

    @wolfy1339 (View Post)

    Simon hasn't been on for 1,5 week now, I doubt he will come online for something like that.

  • OC39648     20th Apr 2014 Member 0 Permalink

    @nucular (View Post)

     YES YESYESYESYESYESYESYESYESYESYESYES NOBODY CRACKS MEH PWS

  • NF     20th Apr 2014 Member 0 Permalink

    @xetalim (View Post)

     He might be busy. He's a busy person.

  • MiningMarsh     22nd Apr 2014 Member 0 Permalink

    @OC39648 (View Post)

    Actually, "Hi9hlifedestr0yerofwor1d5" is not that good a password. You want to work in at least a single space and symbol, ideally with something obscure like a grave, hopefully forcing them to bring up their search from just an alphanumeric crack to a full character set crack (this brings the possibilities per character from around 62 to  around 95).

     

    This alone is enough to substantially improve your entropy. It can also (but not always depending on the software used for cracking) help to just append a long and useless salt, even just a bunch of backticks can help. ("thisisapass```````````````````````````````````````````````" with naive cracking software will take much, much longer to crack than just "thisisapass", and it can effectively kill a rainbow table based attack if the salt increases the pass length to a long enough length to make a rainbow table impractical due to storage required to hold it.).

     

    As well, while using words can help a human remember their pass, it increases the viability of a dictionary replacement based attack by a lot. A nice way to combat this is instead of replacing things like an 'o' with a zero, replace it with something like a backtick, this would get around cracking software designed to make common substitutions (they would most likely have to resort to full alphanumeric cracking to crack such a generic and random replacement.)

     

    Of course, take my advice with a grain of salt. I am no security expert, and just go off of the minimal knowledge I gained when cracking some of my old passwords (sometimes I get paranoid).

    Edited 4 times by MiningMarsh. Last: 22nd Apr 2014
  • h4zardz1     22nd Apr 2014 Member 0 Permalink
    @MiningMarsh (View Post)
    that was my password.
    also any machine can break this password?
    leeted--cReatE44de\/el(O)pEr4nd8ec0meafan
    actual---createforadeveloperandbecomeafan
    1337 15 |_|53|=1_|1_ , P\19|-|7? ()P\ |\|07? /// leet is useful, right? or not?
    EDIT: createforadeveloper on that part is strong?
    Edited once by h4zardz1. Last: 22nd Apr 2014
  • xetalim     22nd Apr 2014 Member 0 Permalink

    @h4zardz1 (View Post)

     Any password can be cracked.

  • OC39648     22nd Apr 2014 Member 0 Permalink

    SHA512 is useful. Hash something and entropy skyrockets

  • h4zardz1     23rd Apr 2014 Member 0 Permalink
    a cracker can just put a random word in the SHA512 hasher.
You need to login before you can post replies