Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[4maskwolf]

password strength checker from Rush Limbaugh's post

...

Here's a password thing that I found on xkcd.

Ahem?

I don't see a problem.

I guess not.

Heh.  I see what you did there.

Didn't he leave the forums forever ago, though?

Was he ever on the forums?

Heh.  I almost fell for it and posted kurtulmak's profile page too.

[Orange Wizard]

Kurtulmak is a mod on the Slaves to Armok board IIRC, so he must be associated with Toady/ThreeToe somehow.

[4maskwolf]

Kurtulmak is a mod on the Slaves to Armok board IIRC, so he must be associated with Toady/ThreeToe somehow.

He has to be.  He's the only one to verbally castigate Threetoe and live.

[penguinofhonor]

Spoiler (click to show/hide)

Kurtulmak is a joke. They are not a real person.

[4maskwolf]

Spoiler (click to show/hide)

Kurtulmak is a joke. They are not a real person.

Spoiler (click to show/hide)

Are they someone's puppet account?  I'd guess it was Toady playing a prank on people, but what do I know?

[hops]

Among the passwords I use:
One would take 12 months to decode.
Another, 92 years.
And then another would take centuries.
And another 3 years.
So yeah, I feel pretty secure.

One of my passwords take longer than the universe's age to crack.
git gud scrub

[Orange Wizard]

Kurtulmak is a mod on the Slaves to Armok board IIRC, so he must be associated with Toady/ThreeToe somehow.

He has to be.  He's the only one to verbally castigate Threetoe and live.

Link or gtfo. I have to see this now.

[BlitzDungeoneer]

http://www.bay12forums.com/smf/index.php?topic=254.msg2188#msg2188 Here.

[Orange Wizard]

Well. It's weird seeing ToeThree behaving like any other forumgoer, and not the all powerful God-Man he is today.

[Guardian G.I.]

password strength checker from BlitzDungeoneer's post

...

Here's a password thing that I found on xkcd.

Ahem?

That's what you get when you write forum posts while being extremely drowsy.

[ZetaX]

But wouldn't "@battery 20staple14 correct#horse" dodge a dictionary cracker? I have no idea how this works, so I'm genuinely curious.

Partially. But a good password cracker mixes things up. Also, while some things look more obscure that others, this is just a human thing. To measure the actual security you would use what is called "entropy": it essentially measures how likely that string is to occur by chance. But note that "by chance" does not mean "just roll a dice for each letter", but "how often does it appear in nature" (where "nature" is some setting you use, e.g. "all data on the internet"). Thus your dice show letters, but also words or other common sequences, each with their own probability coming from reality.

The string "battery correct horse staple" has pretty low entropy as it, as demonstrated by this thread, occurs quite often. The string "quantum dwarf house thorn" would be much better (but lost a lot due to now being mentioned here). For similiar reasons, using 100 consecutive letters from your book of choice is not much better than using 1000 consecutive letters instead: both appeared at least once, and probably the same number of times each, making them almost equally good.

On a similiar matter, adding just some numbers at the beggining and end of a password does not have any more effect than just adding one or two english words at the end, unless the added words are in a rather common position (e.g.: extending "crocodile ocean yellow" by "submarine" is probably worse than using "air", despite the difference in lengths).

[Moghjubar]

Neat tool, good news is variants of the passwords and style I use are all 'centuries' to crack (made up passwords in same style just to make sure I wasn't inputting my actual passwords of course due to extra paranoia).

[hops]

But if you lost the note with the password on it then you're boned.

[Sergarr]

This is relevant to the current discussion.

[i2amroy]

You are too late! Said comic was already linked on page 3!