Random Password Generator

Random

Writable

Shiftless

Fake Word

Common Words

Security level:

xkcd comic: Password Strength
This is why you should use random words for passwords. "Tr0b4dor&3": easy to guess and hard to remember. "correct horse battery staple": difficult to guess and you've already memorized it.

Lifehacker: Which password manager is the most secure
Examines the following techniques for storing passwords:
  • Saving Logins in Your Browser
  • Web-Based Password Managers
  • Local (Desktop) Managers
It concludes that local desktop managers are the most secure and has a comparison chart of various online and desktop password managers.

Ars Technica: How the Bible and YouTube are fueling the next frontier of password cracking
An eye popping account of just how many passwords are easy to crack.
  • 60 percent encrypted passwords from a security breach could be cracked with off the shelf tools.
  • All passwords of eight or fewer characters are vulnerable to offline attack with the computing power available today.
  • Hackers can easily crack longer passwords that are based on words and phrases.
  • Hackers use word lists with close to a billion entries and can try variations on those.
  • Mangling words and phrases with capitals, numbers, and punctuation offers little protection.

Naked security: 55% of net users use the same password for most, if not all, websites. When will they learn?
"Why does this matter? Well, imagine you are a member of websites X, Y and Z - and you use the same password on each site. If X suffers from a data leak and their password database is accessed, or if hackers manage to work out your password for X, then the bad guys will not only have access to your X account, but Y and Z as well!"

ICT.govt.nz: The Factors of Authentication
The three factors of authentication are:
  1. Something you know (for example a password)
  2. Something you have (for example a government issued passport)
  3. Something you are (for exmple a fingerprint)
Passwords are the default level of security on the web. They are however, only one portion of very secure three factor authentication.

Google Official Blog: Advanced sign-in security for your Google account
How and why to enable 2-step verification on your Google account so that an attacker doesn't have to know just your password, but also has to have your mobile phone.

Wikipedia: Single sign-on
Single sign on is a method of using credentials from a single website to log into many websites. Single reduces the number of passwords needed and can increase security:
  • Reducing password fatigue from different user name and password combinations
  • Reducing time spent re-entering passwords for the same identity

Lockdown.co.uk: Password Recovery Speeds
Shows how much time it would take to recover encrypted passwords in various situations and attack senarios.

How Secure is Your Password

Random

TYPEAverage time to crack based on number of guesses per second
SizePossible combinations1 trillion (expected future capability)100 billion (large distributed system)1 billion (distributed system or supercomputer)100 million (small distributed system)1 million (single computer)

Writable

Shiftless

Fake Word

Common Words


Copyright 2013 Stephen Ostermiller | Like this site on Facebook