Added: 3 years ago
From: SophosLabs
Views: 86,832

All Comments (68)

  • pwgen -sy 4096

  • i use Keepass without its file name and icon and i use a masterpassword + keyfile none of which are on my pc.

    passwordcard is useful too and free

  • Really interesting

  • It would take a desktop PC

    About 2 thousand years

    to hack your password

  • IF THE GERMAN ENIGMA MACHINE CODES WERE BROKEN THEN THESE PASSWORDS CAN BE CRACKED TOO.

  • Difficult to trust someone who can't draw an ampersand.

  • @bristlekrs

    and so what? can't draw an ampersand... doesn't invalidate anything that he said... it's time for people to use stronger passwords... and use "clever" mnemonics to remember them

  • This is not a particularly good password selection algorithm. The problem is that there are not a lot of easy to remember sentences. In practice what happens is the sentence that is chosen is the first line or chorus of the current pop song, or some well known literary phrase such as "all the world's a stage and the men and women merely actors". A good cracker can build a dictionary of standard phrases and the standard substitutions and end up in your account faster.

  • No one uses brute force or guess work cracking .... the material of your password isn't very important, it's how many different things you use it for, and if/when you change it ... password "strength" is irrelevant since most important websites only give you 3 guesses before they lock you out completely.

  • let me put it this way.

    my password is so secure, it would take 14,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 years to crack.

    found out at howsecureismypassword(dot)net

  • why not use a password generator?

  • where do u get the "alphasand" symbol ?

  • This is absolutely retarded

    xkcd [com] /936/

    completely impossible to remember.

  • sorry - but after reading this guy's post - don't believe this video any more. timdavis.com.au/internet/choosing-a-strong-password

  • 1 mash keyboard

    2 note down,

    3 win

  • Watching Flintstones while making that sentence up?

  • Also just have one password for all the websites that are completely "pointless" in regards to being secure - e.g. forums on some of your interests etc. Then it means having to remember fewer passwords for the sites that do matter - e.g. banks, email etc.

  • Why not just write down the passwords on a piece of paper? Hackers can't crack into the notepad on your desk.

  • And I forgot the most important:

    Use a real OS, e.g. Linux, BSD, Apple.

  • Change every 3 months. Always make sure you log on to SSL sites.

  • 1) pwgen -sy 128 > mypassword.txt

    2)  steghide embed -ef mypassword.txt -cf verylarge.jpg -e rijndael-256

    3) Store in plain sight on the Internet

  • Just stop using passwords, and start using pass-phrases. Just use the whole thing spelled out with hyphens if spaces aren't allowed.

    Search for "The Usability of Passwords" and read that article.

  • That one dislike got hacked.

  • OK. Grandmothers are very bad with memory. Will not work for all people.

  • here's how to actually do this in the most secure way possible. when coming up with a pass write it down in a notebook in pencil, then despite your hard drive crashing, having them written down will actually allow you to have a different extremely hard password for each website. If you don't trust the people you live with, well move. or keep that small notebook in your pocket. notebooks are also good for other things.

  • I have typed all the different websites and passwords into a Word document, and then password-protected that document. My computer also requires a password to get in as soon as you turn it on, or wake it up from screensaver mode, so I guess that's pretty safe. I have also emailed that Word document to myself at my never used, spare email address so I can find it wherever I am.

  • ********** wow if you enter your password it appears as caps cool

  • 1Password app ;)

  • thanks for that :)

  • "sci-fi character". Aw crap.

  • Useful, thanks !

  • my password is ufufiojnhv4t8rbf9uec-vb35hfjdfhjdhfjdnbvyincbvyrfiucnodebfrvy8cubcry8v9uryfgbufryh8ghdryhfghdfryh8hyfrghuyhfryhfryh8yhudj98gfidosk9i0dijxusrehfydeuhfrtgtdfhjhdyfrhjd try and get that ha oh shit

  • @curtisadams648 just did ufufiojnhv4t8rbf9uec-vb35hfjdfhjdhfjdnbvyincbvyrfiucnodebfrvy8cubcry8v9uryfgbufryh8ghdryhfghdfryh8hyfrghuyhfryhfryh8yhudj98gfidosk9i0dijxusrehfydeuhfrtgtdfhjhdyfrhjd good thing i don't hack lol

  • Actually super strong passwords aren't that necessary. I can just go to your email (which is your screen name @ yahoo.com ...gmail, hotmail, etc.) and then answer your dumb security question, read your emails and ask websites to send your passwords back to you.

  • 0:17 No, question is, how did you remember it?

  • Some questions 'bout this video, who do u make it harder for? If someone would hack you with just "guessing" what ur password is then you probably know that guy, n the virus nowadays is like buying a coke in a store, it's everywhere... If u want to stay safe, don't use inet.. outdate info

  • Comment removed

  • If you don't want to use password management software , another way you can have diff. passwords is have the same basic password (F+WSD4aDoE&H) and 'salt' it yourself by the name of the site.

    E.g: for twitter, your password could be: twitterF+WSD4aDoE&Htwitter )

  • You could also use a password card. (password card dot org) Sorry for the URL, just trying to give other options for techs to recommend to their users.

  • Comment removed

  • Nice one. I meant the same in the pdf "Understanding Password Strength" on my site (albertodebortoli.it)

  • 99999999998888888888hhhhhjjjjj

    hard pass easy to remember 10x9 10x8 5xh 5xj

  • You are one massive cockknoking motherfuker stranger.

  • is storing passwords on Password management tools built in FireFox a safe bet ?

  • Forget the password managers. Simply add the first letter of the website (the website you're entering) to your well chosen password (as indicated in the first part of this video) and voila!

    Doing so will allow you to use a different password on every site you are logging on, while preventing you remembering 20 different passwords.

    One same password, only one character changes depending on the website you are logging on.

  • @SkinnyDre Unfortunately if someone unlocks the "formula" that you are using for your password they can now get into *any* website where you have an account.

  • @SophosLabs there are other tutorials that u can use some sites to remember the password for every site

  • @SophosLabs Well, that method still makes brute-forcing near impossible. I add the entire website name, though, for more "security".

    20+ digit password? Yeah, might take a few years even with some Quad-SLI GTX580s :D

  • @SophosLabs So if we go by your method of using a secure program to remember all of your passwords, why not just use Firefox. It asks for a password before it releases all of your passwords and has its own password database.

  • @SophosLabs Yees, but what if you use several computers to log into different accounts? Password management software doesn't work so well then. Of course, if the website has correctly stored your password as a hash, an attacker probably only has a (different) preimage and won't be able to reverse engineer your naming scheme. Obviously this isn't as good as a completely different password, but better than repeating one.

  • I remember trying to create the password rQqtd&xqr1m. The remote computer told me it was too weak.

  • @morgandrim lolwut?

  • Sometimes we are limited by the password block that says only to use alphanumeric (letters and numbers ONLY) .. or like my bank that says you MUST use 5 letters and 2 numbers only .. man .. doesn't make it that secure does it?

  • Don't use simple passwords like G0d or L33T or D3LL .. too easy and scammers online will hack your account (I was a moderator of a forum that got hacked 3 times in one year a few years back).

  • f**k this, i am going to use 1 password for all lol

  • Yeah...and now you get one virus or keylogger and there goes your "impossible" password lol

  • Comment removed

  • Good video, but then again keyloggers defeat no matter how strong your password is.

  • @1oxo1 wellllll the sites with a limited amount of login attempts along with time to time changing of your password should keep it safe, hopefully =/

  • @1oxo1 I was actually just thinking to write that comment... no1 H4cKx anymore ppl just keylog....

  • @1oxo1

    Don't type your passwords, get keepass and copy them to the clipboard

  • @1oxo1 Yup, they do. But this is just a countermeasure of cracking/guessing passwords, About keyloggers, there are countermeasures too, and for securing you should have to think about all the aspects.

  • even those password managers are flawed by the windows memory management.... no matter how strong they encrypt the data something is weaker than the encryption used to store the password.
