How Many "Passwords" do you have , How Secure Are They ?

[Kramer]

PASSWORDS SECURITY ..

HOW SAFE IS YOURS ?
BY JOHN POZADIDES

TOP PASSWORDS

Your partner, child, or pet's name,
either first or last or combo
possibly followed by a 0 or 1 or other 2 digit # b-day,st.#
(because they're always making you use a number, aren't they?)

. The last 4 digits of your social security number.
. 123 or 1234 or 123456.
. "password" OR PASSWORD
.
. Your city, state ,or college, football team name, or followed by a #
. Date of birth – yours, your partner's or your child's, parent
. "god"
. "letmein"
. "money"
. "love"
your street house #
4 digit tel #
NFL
GAMBLER
SPORTS TEAM OR 1 FOLLOWED BY A #
Alcohol drink
Type of food

ANY MALLERS HAVE THESE ?


.
MOST VULNERABLE USERS ARE Facebook/MYSPACE ,ETC

For ex your name is Jim Johnson
then you mention your wifes name on the site
You mention you have a pet
Your city is known ,
You list all your favorite things ...
YOU LOGIN , FORGET TO LOG OFF , SOMEONE CLICK ON YOUR PHOTO ...



Any wonder your password get hacked ?

.
Statistically speaking that should probably cover about 20% of you.
But don't worry.
If I didn't get it yet it will probably only take a few more minutes before I do…

. Hackers, and I'm not talking about the ethical kind, have developed a whole range
. of tools to get at your personal data.
. And the main impediment standing between your information remaining safe,
. or leaking out, is the password you choose.

. (Ironically, the best protection people have is usually the one they take least seriously.)
How do I know which bank you use and what your login ID is for the sites you frequent?
All those cookies are simply stored, unencrypted and nicely named, in your
Web browser's cache .

> I can post how to fix this on another topic

ALL I HAVE TO DO IS UNLEASH A PROGRAM THAT TRYS TO
MATCH SAY 10,000 OR 100,000
USERNAMES + PASSWORDS



Often times people also reason that all of their passwords and logins are stored on
their computer at home, which is safe behind a router or firewall device.

Of course, they've never bothered to change the
default password on that device, so someone could drive up and park
near the house, use a laptop to breach the wireless network and then try passwords
from A COMPUTERIZED LIST
until they gain control of your network —

after which time they will own you!

.
Once we've got several login+password pairings
we can then go back and test them on targeted sites.
. HOW FAST CAN THIS BE DONE?

.
Well, that depends on three main things, the length and complexity of your password, the speed of the hacker's computer, and the speed of the hacker's Internet connection.


. Assuming the hacker has a reasonably fast connection and PC here is an estimate of the amount of time it would take to generate every possible combination of passwords for a given number of characters. After generating the list it's just a matter of time before the computer runs through all the possibilities – or gets shut down trying.


Pay particular attention to the difference between using only lowercase characters and using all possible characters (uppercase, lowercase, and special characters – like @#$%^&*).


Adding just one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.



PASSWORD LENGTH ALL CHARACTERS ONLY LOWERCASE
3 CHARACTERRS 0.86 SEC 0.02 SEC
4 1.36 MIN 0.46 SEC
5 2.15 HOURS 11.9 SEC
6 8.15 DAYS 5.1 MIN
7 2.21 YRS 2.2 HOURS
8 2.1 CENTURIES 2.4 DAYS
9 20 MILLENIA 2 MONTHS
10 1,899 MILLENIA 4.5 YEARS






Here are some password tips:
. Randomly substitute numbers for letters that look similar.

The letter ‘o' becomes the number ‘0', or even better an ‘@' or ‘*'.
(i.e. – m0d3ltf0rd… like modelTford)

. Randomly throw in capital letters (i.e. – Mod3lTF0rd)
. Think of something you were attached to when you were younger,
but DON'T CHOOSE A PERSON'S NAME!

Every name plus every word in the dictionary
will fail under a simple brute force attack.

. Maybe a place you loved, or a specific car,
an attraction from a vacation, or a favorite restaurant?

. You really need to have different username / password combinations
. for everything. Remember, the technique is to break into anything you access
. just to figure out your “standard password,”
. then compromise everything else.
. This doesn't work if you don't use the same password everywhere

Another thing to keep in mind is that some of the passwords
you think matter least actually matter most.

For example, some people think that the password to their e-mail box
isn't important because "I don't get anything sensitive there.
" Well, that e-mail box is probably connected to your online
banking account.

If I can compromise it then I can log into the Bank's Web site and tell it
I've forgotten my password to have it e-mailed to me.


Now, what were you saying about it not being important?
.

[TN TITAN Fan In STL]

password is taco

[Kramer]

TacoMo
tacoTn
Buretto
Bell
BELL
taco STL

See the programmed attacking list


lol

[Ricky Tan]

As long as it keeps those little buggers off the streets..........I'm all for it

[Stubudd]

most of mine are secure even from myself