Rules and Guidelines
Want to participate in the discussions? Please read our Community Rules and Guidelines. Need some help? Visit Support and Answers.

  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 9 subscribers
  • Views 271 views
  • Users 0 members are here
Options
You may also be interested in
This discussion is locked.
You cannot post a reply to this discussion. If you have a question start a new discussion

Password strength?

Howard Warren
When it comes to passwords, I've usually used a 10 character random mix of uppercase, lowercase, special and numeric characters, and have never had any issues with these being accepted as adequate. (Before I get told off, I have a different password for each application I use!)


However, when recently setting up a new application, my 10 character password was described by the system as "weak". So I used a 19 character password (again, a random mix of characters) and this time it was described as "fair".


Given that there are 256 ASCII characters, the determined hacker has a 1 in 5.709 X 10^45 chance of striking it lucky with my 19 character password. (I say lucky - he'd be sadly disappointed at what he found after all that effort). So my question is, what lengths would one have to go to, in order to create a password that could be described as strong?
Parents
  • 0
    I would agree there Alex.


    I would suggest that the vast majority of hacking incidents are from where data has been compromised or stolen from large organisations who haven't encrypted it sufficiently. I doubt very much if cyber criminals would really take the time and effort to target specific individuals in an attempt to crack their password and get access to their online accounts. 


    So to be honest your password is only as secure as the encryption methods being used by the organisation your account is held with. 


    Recently I've had to change a number of passwords I use for a variety of different web based systems as their data had been hacked.  I think LinkedIn had their data compromised not long ago...? So no matter how secure my password is, if their data has been hacked then whatever combinations of letters numbers and symbols I've used means absolutely nothing as it's all going to be displayed to the hackers anyway once they decrypt the data.
Reply
  • 0
    I would agree there Alex.


    I would suggest that the vast majority of hacking incidents are from where data has been compromised or stolen from large organisations who haven't encrypted it sufficiently. I doubt very much if cyber criminals would really take the time and effort to target specific individuals in an attempt to crack their password and get access to their online accounts. 


    So to be honest your password is only as secure as the encryption methods being used by the organisation your account is held with. 


    Recently I've had to change a number of passwords I use for a variety of different web based systems as their data had been hacked.  I think LinkedIn had their data compromised not long ago...? So no matter how secure my password is, if their data has been hacked then whatever combinations of letters numbers and symbols I've used means absolutely nothing as it's all going to be displayed to the hackers anyway once they decrypt the data.
Children
No Data

Join us to get the best from IET EngX.

Joining EngX lets you personalise your experience so you stay up to date on the topics that interest you, plus you’ll be able to make connections who are looking to collaborate, exchange ideas and more.

Join us Not now

Community Rules & Guidelines