Bitcoin Forum

Other => Beginners & Help => Topic started by: erikoy on October 17, 2018, 02:56:31 PM



Title: Creating strong password.
Post by: erikoy on October 17, 2018, 02:56:31 PM
Hello guys!

I just want to share something that was part and discussed in our 3 day training seminar about a certain topic on creating a good password. We could use this in cryptocurrency for we know that password is a vital part in creating accounts to store crypto in wallets, accounts for trading crypto and etc.

This may not apply to all because some users here are technically good and knows about this already. But, I still want to post this thread in the pursue of helping others for some average users that do not have that much knowledge on creating good and strong password.

I Hope that hackers could not easily invade our accounts especially with our precious BCT forum accounts and our digital wallets.

Take a look on this sample password and the time that the password could be crack!

Quote

Note: CTTO (Credit to the Owner of that Picture)


Title: Re: Creating strong password.
Post by: boyptc on October 17, 2018, 03:12:41 PM
Wow that's an interesting photo just like the combination of letters and numbers.

Including special characters, symbols, caps and not would really make your password stronger. Btw, is that seminar is only about making good password for 3 days?


Title: Re: Creating strong password.
Post by: TradeWaltz on October 17, 2018, 03:17:16 PM
I watched a lecture on that topic some time ago. It said that the main thing about password is in its length and the randomness of the used words. They said something like: sunnyflyuingpotatoesholiday is aslmost as hard to crack as the ones with symbols and numbers. Don't know if it's true, but the lecture was persuasive)


Title: Re: Creating strong password.
Post by: OgNasty on October 17, 2018, 03:26:15 PM
I watched a lecture on that topic some time ago. It said that the main thing about password is in its length and the randomness of the used words. They said something like: sunnyflyuingpotatoesholiday is aslmost as hard to crack as the ones with symbols and numbers. Don't know if it's true, but the lecture was persuasive)

Adding some numbers, capitalization, and special characters is usually a good idea, see above graphic.


Title: Re: Creating strong password.
Post by: erikoy on October 17, 2018, 03:27:37 PM
Btw, is that seminar is only about making good password for 3 days?
Nope, it is just only a part or a topic of that 3 day training seminar.

They said something like: sunnyflyuingpotatoesholiday is aslmost as hard to crack as the ones with symbols and numbers.
It is true. It is really hard to crack long passwords but you may have gone difficulties in accessing your account. So, having the numeric and special characters to include in the password is way better than creating long password.


Title: Re: Creating strong password.
Post by: Dudeperfect on October 17, 2018, 04:38:41 PM
Yes, generating and using a strong password containing multiple characters, special characters and digits are crucial to deal with the infinite amount of hacking attempts taking place every second. I would not recommend using the password generator for generating passwords but to come up with own pattern of the password with complex characters because it is not just easy to remember but also unique in its own sense.


Title: Re: Creating strong password.
Post by: Kezacky on October 17, 2018, 05:33:06 PM
very helpful. I'm still new, does the overall password use sequential numbers and the alphabetical letters are still strong?
example:
~ abc12345def
~ 12345abcde


Title: Re: Creating strong password.
Post by: boyptc on October 17, 2018, 05:38:25 PM
Btw, is that seminar is only about making good password for 3 days?
Nope, it is just only a part or a topic of that 3 day training seminar.
Okay I thought its only about making passwords stronger.

very helpful. I'm still new, does the overall password use sequential numbers and the alphabetical letters are still strong?
example:
~ abc12345def
~ 12345abcde
I don't think so.

See the example above and as much as possible you don't create a password like that.


Title: Re: Creating strong password.
Post by: Harlot on October 17, 2018, 06:05:40 PM
The problem with uncrackable passwords is that you can't re-use them on other accounts and it leads to a lot of strong passwords in each different accounts which makes it impossible for you to remember all of them. Password manager softwares is the solution to this kinds of problem and I think not remembering all your passwords at all is not a problem anymore as there is a software doing it for you. Another thing to keep in mind is that even if you have a strong password you should regularly check your computer if it has any kind of malicious softwares as no matter how strong your passwords are if they can track it, your passwords would be useless.


Title: Re: Creating strong password.
Post by: S_Therapist on October 17, 2018, 07:27:27 PM
Password manager softwares is the solution to this kinds of problem and I think not remembering all your passwords at all is not a problem anymore as there is a software doing it for you.
I don't need a password manager even.
The only password I remember is my email's password. I use a random password on random sites and most of the time I reset. I don't feel boring. Sometimes
, I need to reset my accounts 2 times a day, lol.

~ abc12345def
~ 12345abcde
Those passowrds can be guessed easily. The best one may be- BtC4257$a, Almost impossible to crack. Use password with all combination as like as @OgNasty suggested.


Title: Re: Creating strong password.
Post by: joniboini on October 18, 2018, 03:04:24 AM
A strong password has a big entropy. Try to use an entropy calculator to see the entropy of your password. Using something like https://apps.cygnius.net/passtest/ is good (use it offline).


Title: Re: Creating strong password.
Post by: pooya87 on October 18, 2018, 04:17:29 AM
that picture is a little misleading in my opinion, which i believe is because you are posting it out of context and without that explanation of the author. these words are probably examples but only by looking at the picture you won't get that.
for example the second one "looksstrong" shouldn't take 10 days to crack since it is words that are found in a dictionary. of course the "s" in "looks" makes it a little harder but it is still pretty simple to crack. same with "LooksStrong" although capitalization makes it a lot safer but it is not yet "safe".
part of the misleading part that i mentioned is because it is using words, you may look at "LooksStrong" and think a 2 word password with capitalization is strong and takes 59 years to crack so you use a 2 word password with capitalization like "MyPassword" and it cracks in 3 seconds!

generally speaking you want all conditions together not just some: length + hi/lo chars + symbols + numbers
here is an interesting website: http://www.passwordmeter.com/


Title: Re: Creating strong password.
Post by: hugeblack on October 18, 2018, 07:27:06 AM
We could use this in cryptocurrency for we know that password is a vital part in creating accounts to store crypto in wallets, accounts for trading crypto and etc.
Strong passwords are a part of protecting your account but not only your account security. There are better ways to protect your account from using a unique password though it is the basis for protecting your account.

One of the most critical problems, in my opinion, is the difficulty of generating those words from the ordinary user where it is difficult for the user to remember passwords such as "fw5J||59TanCRys."
So the best solution is to save those words "notepad, paper," copy and paste it every time. Which will be dangerous if there are viruses on your computer.
One of the best sites that offer that service is[1]

[1] https://strongpasswordgenerator.com/ "offline"


Title: Re: Creating strong password.
Post by: sud on October 18, 2018, 09:06:24 AM
Very interesting topic. I think everyone using online services should take to heart, especially in crypto space when your money is at stake. I really started thinking about strong passwords as a safety measure, when I was making my first account on coinbase (which was the first crypto related service I used). So I made a pattern that helps me remember all my passwords on different sites without always checking - I'm using my core word and add another part which depends on the service name, of course everything includes lower and upper case letters, numbers and special characters. Same goes for passphrases to all my crypto wallets.


Title: Re: Creating strong password.
Post by: gorkem on October 18, 2018, 09:21:10 AM
Good recommendation) but if Your computer is infected with a virus any password can be hacked.To minimize the risk it is worth paying attention to browser extensions.If possible, do not install anything.I also use a touch keyboard when entering passwords.


Title: Re: Creating strong password.
Post by: sud on October 18, 2018, 09:26:16 AM
@gorkem

You mean screen keybaord? This is good idea, I'm doing it whenever I have to log in somewhere using unknown computer, so the potential keylogger won't hijack my password. Another thing is to always turn on 2 factor authenticator (application one, not SMS), it greatly reduce the risk of hacking your account.


Title: Re: Creating strong password.
Post by: guybrushthreepwood on October 18, 2018, 09:39:14 AM
Take a look on this sample password and the time that the password could be crack!

Quote

Note: CTTO (Credit to the Owner of that Picture)

I don't think this is wholly accurate. The second one would take less than a day to crack according to https://howsecureismypassword.net/

"looks5strong" would be four years.

Regardless, sometimes it doesn't matter how strong your password is if your security is lax in other areas and that's where people often slip up. If you get a keylogger or some other virus that can grab your passwords from your browser then you're screwed either way. I've seen people boast online that their passwords are 30 random characters but yet they keep them in a notepad or in their email. Sometimes all attackers need is access to your email and then they can reset your accounts at will.


Title: Re: Creating strong password.
Post by: Yadstiker on October 18, 2018, 01:18:09 PM
A great idea of yours sharing this kind of information for all to get aware and have an idea by choosing a good password but we should also consider it's still possible to get scammed when you open too many sites which has too many adds and maybe if you don't know it's a fishing site until you can't open your account.


Title: Re: Creating strong password.
Post by: erikoy on October 18, 2018, 02:08:36 PM
A great idea of yours sharing this kind of information for all to get aware and have an idea by choosing a good password but we should also consider it's still possible to get scammed when you open too many sites which has too many adds and maybe if you don't know it's a fishing site until you can't open your account.
Definitely but that is a different story, I agree that those hacking sites could phished one out just by letting you logging in a fake website or application that looks like real.

Take note that legit and secure website read like this (https:) and not secured website has only like read like this (http:) without letter s. This is the only thing I know about secured or legit website and not secured website. I guess there are many good members here that could explain further on your posts. You may create also a thread for this for the newbies. This is very important for the awareness of the new comers here. This will let them avoid  scam and phishing activities.


Title: Re: Creating strong password.
Post by: TryNinja on October 18, 2018, 02:36:06 PM
Take note that legit and secure website read like this (https:) and not secured website has only like read like this (http:) without letter s. This is the only thing I know about secured or legit website and not secured website. I guess there are many good members here that could explain further on your posts. You may create also a thread for this for the newbies. This is very important for the awareness of the new comers here. This will let them avoid  scam and phishing activities.
This has nothing to do with a "legit" website. Anyone can get a free SSL certificate in 2 minutes (literally) and then have HTTPS in their website.

You shouldn't be looking at the text before the domain but at the domain itself. E.g: If you are on Binance, double check if it's binance.com and not binaence.com or binance.tk; Most phishing websites try to take advantage of the user who type the wrong domain or click at the unknown email with the fake website.


Title: Re: Creating strong password.
Post by: cleygaux on October 18, 2018, 02:55:09 PM
Does it mean "LooksStrong" password can be cracked for 59 years? really? I used some really good password generator before and it can actually generate thousands of passwords in an hour but unfortunately Im not successful using it because I only test it in a very strong password characters with special characters and numbers.


Title: Re: Creating strong password.
Post by: GDragon on October 18, 2018, 03:26:28 PM
I think some of us aware of this thing today because as you see in every application,  they required a strong password to pass the registration of accounts. In fact,  there are only few application didn't care on what combination you will put.


Title: Re: Creating strong password.
Post by: mjglqw on October 18, 2018, 03:29:05 PM
Take note that legit and secure website read like this (https:) and not secured website has only like read like this (http:) without letter s. This is the only thing I know about secured or legit website and not secured website. I guess there are many good members here that could explain further on your posts. You may create also a thread for this for the newbies. This is very important for the awareness of the new comers here. This will let them avoid  scam and phishing activities.
This has nothing to do with a "legit" website. Anyone can get a free SSL certificate in 2 minutes (literally) and then have HTTPS in their website.

You shouldn't be looking at the text before the domain but at the domain itself. E.g: If you are on Binance, double check if it's binance.com and not binaence.com or binance.tk; Most phishing websites try to take advantage of the user who type the wrong domain or click at the unknown email with the fake website.
At this point I wouldn't even trust looking at the address bar. It's a lot safer to type it in yourself(or via a browser bookmark). There was this Binance phishing site in the past with the url: biṇaṇce.com. Yes. Take a look at it a bit closer. biace.com. There's a dot under both n's. That's tricky as hell.


Title: Re: Creating strong password.
Post by: TryNinja on October 18, 2018, 03:51:33 PM
At this point I wouldn't even trust looking at the address bar. It's a lot safer to type it in yourself(or via a browser bookmark). There was this Binance phishing site in the past with the url: biṇaṇce.com. Yes. Take a look at it a bit closer. biace.com. There's a dot under both n's. That's tricky as hell.
Damn. I thought the mainstream browsers (at least Chrome and Firefox) had fixed this issue already. The best solution at this point is bookmark each website and use an extension with an anti-phishing system like EAL or Metamask to make sure youíre in the right website.


Title: Re: Creating strong password.
Post by: nakamura12 on October 19, 2018, 03:35:39 AM
Damn. I thought the mainstream browsers (at least Chrome and Firefox) had fixed this issue already. The best solution at this point is bookmark each website and use an extension with an anti-phishing system like EAL or Metamask to make sure youíre in the right website.
Yes, it is the best solution. My firefox browser had lots of bookmarked websites wether old topics or new ones that is helpful even until now.

For me , a strong password is enough long with number, and special characters that hacker can not access to our  account
Refer to Ognasty's suggestion or refer to op's infographic, however it's up to you on what password you would like for example:
1P4a3S5sW1o4r3D5* looks hard enough to where I got that sample password but it's a word Password and numbers 1 4 3 5 and special characters just like Ognasty's suggestion or the Op's infographic. I think you only read the title which is all about creating a strong password, good luck with that mate.


Title: Re: Creating strong password.
Post by: pooya87 on October 19, 2018, 05:27:06 AM
One of the most critical problems, in my opinion, is the difficulty of generating those words from the ordinary user where it is difficult for the user to remember passwords such as "fw5J||59TanCRys."

it will come down to the purpose of that password in my opinion. for example password of an Email account is not of the same importance as password for the encryption of a key printed on a paper wallet. the first one can simply be "myHard@MailPass69:)" but the second one should be harder since you would need to enter the first one multiple times and losing an Email is not important most of the times but you only want the second password once so it can be "s2ujkCb27$6hdb@7bn5+Dpc3*9dm"!

there is also password managers that are safe to use, and some open source, that can handle generation and storage of strong passwords which you can use in a safe manner.


Title: Re: Creating strong password.
Post by: guybrushthreepwood on October 19, 2018, 09:23:40 AM
Does it mean "LooksStrong" password can be cracked for 59 years? really? I used some really good password generator before and it can actually generate thousands of passwords in an hour but unfortunately Im not successful using it because I only test it in a very strong password characters with special characters and numbers.

A password generator is not a cracking tool. I wouldn't rely on that image and using something as simple as LooksStrong as a password either and it's better to be safe than sorry. Passwords should be much stronger and longer than that but they don't need to be ridiculously so, especially if you run the risk of forgetting it which is another security risk arguably even a bigger one than hackers.

One of the most critical problems, in my opinion, is the difficulty of generating those words from the ordinary user where it is difficult for the user to remember passwords such as "fw5J||59TanCRys."

it will come down to the purpose of that password in my opinion. for example password of an Email account is not of the same importance as password for the encryption of a key printed on a paper wallet. the first one can simply be "myHard@MailPass69:)" but the second one should be harder since you would need to enter the first one multiple times and losing an Email is not important most of the times but you only want the second password once so it can be "s2ujkCb27$6hdb@7bn5+Dpc3*9dm"!



Nobody is going to be able to bruteforce a gmail password so that doesn't need to be ridiculously strong, but obviously don't use something simple. Email providers normally usually have 2fa options as well so make sure you utilize them for an extra layer. 


Title: Re: Creating strong password.
Post by: VolkoB on October 19, 2018, 06:57:50 PM
And so if we use a password with 12 characters (including case, numbers, and 1-2 special characters) such a password cannot be decoded, at least brute. There are many more intelligent ways to steal a password from a victim. Therefore, be safe and do not use the same password everywhere


Title: Re: Creating strong password.
Post by: Korkorjkk on October 20, 2018, 10:01:23 AM
This is a great information, thanks for sharing. I think I want to add something small to it, that do not use one password for different accounts, and you can have a small notebook in which you can write the passwords in them.


Title: Re: Creating strong password.
Post by: erikoy on October 20, 2018, 10:26:37 AM
This is a great information, thanks for sharing. I think I want to add something small to it, that do not use one password for different accounts, and you can have a small notebook in which you can write the passwords in them.
Yes, we have all initiative and it is also a common sense when it comes to keeping safe of the password we use for an account. I have different way of keeping my password too. I wrote it in the word and save as a document and zip it in a folder. I have also to copy the document in a removable storage device for a back up of my password. Thus, I have to keep it discrete for it has a lot of password that includes private key for all of my digital wallets.

Does it mean "LooksStrong" password can be cracked for 59 years? really? I used some really good password generator before and it can actually generate thousands of passwords in an hour but unfortunately Im not successful using it because I only test it in a very strong password characters with special characters and numbers.
No, not really it is just a reference for you on how to create a password and how many years it could be cracked. But, it doesn't mean that the password could only be cracked on 59 years for there could be chances that it will be cracked less than 59 years. My post only specified how difficult password could be cracked using special characters and uppercase letters password.


Title: Re: Creating strong password.
Post by: Edrahil67 on October 20, 2018, 12:57:23 PM
You can test your password on this website https://howsecureismypassword.net/

It's show you how long is take for a computer to crack it

for exemple : ilovebitconsomuch

take  23 million years to crack !  ;D


Title: Re: Creating strong password.
Post by: LoyceV on October 22, 2018, 10:16:59 AM
You can test your password on this website https://howsecureismypassword.net/
NEVER enter any of your password anywhere else than the original website where you use it! This is how you lose your security.

Quote
for exemple : ilovebitconsomuch

take  23 million years to crack !  ;D
Just like the examples in the OP, this isn't true! It's a very dumb method to estimate the cracking time for dictionary words as if it's random characters.
Scientific paper Speed Optimizations in Bitcoin Key Recovery Attacks (https://eprint.iacr.org/2016/103.pdf) gives some examples (page 6) of brain wallet passwords they cracked:
1.  say hello to my little friend
2.  to be or not to be
3.  Walk Into This Room
4.  party like itís 1999
5.  yohohoandabottleofrum
6.  dudewheresmycar
7.  dajiahao
8.  hankou
9. {1summer2leo3phoebe
10.  0racle9i
11.  andreas antonopoulos
12.  Arnold Schwarzenegger
13.  blablablablablablabla
14.  for the longest time
15.  captain spaulding
According to the website you showed, these passwords would be impossible to crack. In reality, a smart attacker can crack them.
To prevent this, you'll need to have a password with random characters, and for that, you'll need a password manager.


Title: Re: Creating strong password.
Post by: mjglqw on October 22, 2018, 10:32:44 AM
I think this is great, but if you're someone like me, creating it isn't the problem... remembering it is!

Password managers exist. It makes it a lot easier since you only need to memorize one complex password- your master password. Everything else: you other passwords, will be generated and stored on the password manager itself.

Lookup KeePass2. It blows my mind why people still don't use password managers.

Its debatable, that is according to this article: Overall Security of Password Managers Debatable, Cracking Firm Says (https://www.securityweek.com/overall-security-password-managers-debatable-cracking-firm-says). I'm old school anyhow, I would rather write down my password or memorize everything instead of using password manager.

Yes. It definitely depends. Using a password manager is pretty useless if your master password itself is weak, and it the password database you're using is in the cloud. If done well, using a password manager is definitely better in my opinion.

Writing down your password is definitely safer. No question about that. But would I memorize or write down every single password I use online? Knowing that I have more than 30 accounts online, hell no. Not to mention that I have to type in a 40-character password every time I have to login to a specific website? Nope. Not a single chance I'm doing that. Using the pen and paper method is pretty much only feasible if you have only a few accounts(probably 5 max). Imagine writing all 30 different 40-character passwords on paper. Thinking about it alone makes me nauseous; let alone memorizing every single one.

Another thing on the pen and paper method. If you have lots of accounts, you'd have to write every single password; the margin for error is pretty high in my opinion. Not to mention you'd have to make multiple copies if ever you lost your original copy. The percentage chance of you messing up/missing a single character of a single password is definitely not zero.


Title: Re: Creating strong password.
Post by: Areding on November 04, 2018, 12:14:30 PM
The longer the password and the more randomness of letters and numbers in it, the harder it is to crack it, as fraudsters are looking for logically constructed passwords. Therefore, keep in mind)


Title: Re: Creating strong password.
Post by: Ardavan2150 on November 04, 2018, 12:20:26 PM
I think the best way to select a strong password is to let Google Chrome or Safari choose it for you.
They have "suggested password" option whenever you want to create an account.
They create a crazy complicated password and suggest it to you, and you just have to say yes.
Then they save it for you on your Gmail. You just have to make sure your Gmail account password is strong and turn on the extra security feature for it to make sure you don't loose it.


Title: Re: Creating strong password.
Post by: shasan on November 04, 2018, 02:47:22 PM
To create strong password you can use https://passwordsgenerator.net/
From https://passwordsgenerator.net/ you can get random and strong password which no one can imagine and also it is easy to generate. You can create password by combine of Symbols, Numbers, Lowercase Characters, Uppercase Characters. Also while generating password you can exclude Similar Characters as well as Ambiguous Characters.
And even you can select how many characters the password will be!


Title: Re: Creating strong password.
Post by: nakamura12 on November 04, 2018, 03:04:02 PM
To create strong password you can use https://passwordsgenerator.net/
From https://passwordsgenerator.net/ you can get random and strong password which no one can imagine and also it is easy to generate. You can create password by combine of Symbols, Numbers, Lowercase Characters, Uppercase Characters. Also while generating password you can exclude Similar Characters as well as Ambiguous Characters.
And even you can select how many characters the password will be!
Check the Op's provided image the password you stated is the same as  the op's provided image that contains Uppercase, Lowercase, numbers and more. Using the password generator is also a good idea to choose a strong password but for me i'll use password generator as my guide on what to add when making a password. I prefer creating my own password that is based on internet or generator but I won't use passwords from passwords generators.


Title: Re: Creating strong password.
Post by: dvdrewritable on November 14, 2018, 10:58:42 AM
Thanks for your nice post with an informative photo. Yes, the password is one of the most serious issues for creating an account and it should be strong as no one can break it. But for making secure my wallet and information I generally like to use a password manager that's why I have been using LastPass and KeePass password manager.


Title: Re: Creating strong password.
Post by: erikoy on April 04, 2019, 01:01:21 PM
I think this topic was useful here so I am just wanting to bump this thread as it has been given the chance to get merit.

Anyway, I just remember this and was able to apply it after the seminar. So far it is effective though others had given also their input which is also good. But, to those who are not really that techie and wish about knowing good password then you can start reading the post again and see the image I posted.


Title: Re: Creating strong password.
Post by: madrogue on April 04, 2019, 03:33:57 PM
Creating a strong password is good to secure your account and keep it safe. But, there are have other ways, that hacker can steal your password. They can steal by use phising, keylogger, brute force and many more to steal your password.
I think you can add autenthication to add more secure your account.


Title: Re: Creating strong password.
Post by: jerry0 on April 05, 2019, 05:20:58 PM
How do you even remember these passwords then if so many cap and lower case letters?


Title: Re: Creating strong password.
Post by: nakamura12 on April 05, 2019, 10:22:14 PM
How do you even remember these passwords then if so many cap and lower case letters?
It's not a big problem to remember the passwords. I know that you want to ask about what if I forgot my password?, there is a simple solution to remember your passwords by writing it down on a piece of paper then keep it safe and if it happens that you forgot your password, all you have to do is check the password you have wrote in the piece of paper.


Title: Re: Creating strong password.
Post by: Siren on April 06, 2019, 04:50:26 AM
I watched a lecture on that topic some time ago. It said that the main thing about password is in its length and the randomness of the used words. They said something like: sunnyflyuingpotatoesholiday is aslmost as hard to crack as the ones with symbols and numbers. Don't know if it's true, but the lecture was persuasive)
Giving random special characters and numbers together with letters for me is much safer than a long letters password.i wan hacked once in my online game thats why now i am more particular in my passwords creation for the assurance of not becoming a victim again

How do you even remember these passwords then if so many cap and lower case letters?
Its your stupidity if you dont come to remember a passwod that you are the one who created,ofcourse for the beginning you need to write if down so you wond forgot that soon


Title: Re: Creating strong password.
Post by: Thanasis on April 06, 2019, 07:23:42 AM
There are many random password generators available on internet which is much stronger than any characters were are thinking and if you pick 64 character password means it is impossible for anyone to crack it but please save your password copy as hardcopy saving on your system or in any clouds will make the condition worse.


Title: Re: Creating strong password.
Post by: Hasmizara on April 06, 2019, 11:58:10 AM
How to Create a Strong Password (and Remember It)
https://www.howtogeek.com/195430/how-to-create-a-strong-password-and-remember-it/


Title: Re: Creating strong password.
Post by: TryNinja on April 06, 2019, 11:25:33 PM
How do you even remember these passwords then if so many cap and lower case letters?
By using a trusted password manager. One strong password to hold many other strong passwords.

Repeating the same password is dumb, and using a weak password is also dumb. So that's (IMO) the best solution.


Title: Re: Creating strong password.
Post by: Retina on April 07, 2019, 12:43:48 AM
How do you even remember these passwords then if so many cap and lower case letters?
By using a trusted password manager. One strong password to hold many other strong passwords.

Repeating the same password is dumb, and using a weak password is also dumb. So that's (IMO) the best solution.
Yep, trusted password manager may help manages password, I think a strong password should be of 8-16 digits. Generally, the password should be like the picture below.
Quote


Title: Re: Creating strong password.
Post by: pooya87 on April 07, 2019, 03:34:54 AM
How do you even remember these passwords then if so many cap and lower case letters?
By using a trusted password manager. One strong password to hold many other strong passwords.

Repeating the same password is dumb, and using a weak password is also dumb. So that's (IMO) the best solution.

in addition to this, there is always the good old method of using pen and paper to create a hard copy of your passwords. although this method is susceptible to physical theft but it still is a good way of securing your passwords if you keep that paper in a safe place that nobody can access.


Title: Re: Creating strong password.
Post by: chris_90 on April 07, 2019, 02:56:50 PM
Strong password is not enough to feel safe even if it is created with divers signs. It is good to look for exchanges which have high security standards, for example CoinDeal. You are informed about every login attempts on your email also confirmations are needed if you want to withdraw cryptocurrency.


Title: Re: Creating strong password.
Post by: ETFbitcoin on April 07, 2019, 03:41:50 PM
How do you even remember these passwords then if so many cap and lower case letters?
By using a trusted password manager. One strong password to hold many other strong passwords.

Repeating the same password is dumb, and using a weak password is also dumb. So that's (IMO) the best solution.

Alternatively, if you don't want use password manger, guide by xkcd (https://xkcd.com/936/) could be useful :

https://imgs.xkcd.com/comics/password_strength.png

It's not best/most secure way to create password, but IMO it's balanced between difficulty of bruteforce/to remember.
Just make sure those random words isn't easily associated with your activity, hobby or identity.


Title: Re: Creating strong password.
Post by: bob123 on April 08, 2019, 01:46:33 PM
I often hear people about complexity vs. length when talking about password security.

There is a simple answer to this: length.


Lets look at it:

Complexity:
We got a charset of 26 (lower case letters) + 26 (upper case letters) + 10 (numbers) + 32 (special characters) = 94
Now with a 'normal' password length (8 chars) we got 6.095.689.385.410.816 possibilities.

Length:
If we look at lowercase letters only, we got a base of 26.
A password with a length of 12 has 95.428.956.661.682.176 different combination and already is about 15 times stronger than a complex password with 8 chars.


Increasing the exponent (charsetlength) is way more efficient than increasing the base.

A lowercase password with the length of 12 is hardly arguable better memorizable than a 8 char password using lower+uppercase, numbers and special chars.


So, if you want to create a strong password, rather pass on complexity, and increase the length by a few more characters.


Title: Re: Creating strong password.
Post by: BitBustah on April 08, 2019, 02:02:56 PM
How do you even remember these passwords then if so many cap and lower case letters?
By using a trusted password manager. One strong password to hold many other strong passwords.

Repeating the same password is dumb, and using a weak password is also dumb. So that's (IMO) the best solution.

I use strong passwords on different websites,  I do this without a password manager and I remember everything just fine.  I find a long string of words similar to an electrum seed to be the easiest option for me.  Just make sure you really use randomized words.