It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Password Hackers List
page: 2share:
I prefer pass-phrases to "pass words" for various reasons. The main one being my understanding of computer-based password cracking.
This is a subject I've studied a little bit, for reasons I won't get into.
There are PW-cracker programs out there that one can use. They can be programed with dictionary files, which will then try to "brute force" their way into an account. Many accounts have systems in place to prevent this (which is why on some sites your login will be locked after 5 failed attempts.) The best brute force programs, however, have ways around this. (And don't bother looking if you don't already understand, as you have to know a little something just to set the right parameters for software like this).
As I mentioned, most of these programs can be made to check passwords on a dictionary file. There are dic files which contain all the words in a common dictionary, and then there are specialized ones. I've seen dictionary files which contain lists of the most commonly used passwords, and I've written custom files which will check particular words and sequences of numbers based on a particular person's interests (and of course birthdays, etc etc)
The other way a program like this can function is an alphanumeric attack where it will try every possible combination (with a set of parameters which you choose), beginning at 0000 (or wherever you choose) and ending at zzzzzzzzzzzzzzzz (or wherever you choose) and checking every combination in between. This is why many sites make you combine numbers with letters. In most alpha-numeric attacks abc123 will occur much later in the search than just abcdef or 123456.
As you can imagine, it takes time and processing power to keep trying, and failing, passwords on any account. The serious crackers will run multiple programs (sometimes on multiple computers) to help speed things up. A real hacker could harness MANY computers for this task. That kind of thing is way above my level of understanding. lol
Point being, however, this is the reason they tell you to change your PW often. The longer it remains the same, the greater the chance a skilled cracker could force their way into your account.
When I am not using shorter combos of letters and numbers (for accounts which are not particularly vital to me) I enjoy using long phrases I can easily remember.
inordertoformamoreperfectunion
or even better
inorderto4mamoreperfectunion
This is a subject I've studied a little bit, for reasons I won't get into.
There are PW-cracker programs out there that one can use. They can be programed with dictionary files, which will then try to "brute force" their way into an account. Many accounts have systems in place to prevent this (which is why on some sites your login will be locked after 5 failed attempts.) The best brute force programs, however, have ways around this. (And don't bother looking if you don't already understand, as you have to know a little something just to set the right parameters for software like this).
As I mentioned, most of these programs can be made to check passwords on a dictionary file. There are dic files which contain all the words in a common dictionary, and then there are specialized ones. I've seen dictionary files which contain lists of the most commonly used passwords, and I've written custom files which will check particular words and sequences of numbers based on a particular person's interests (and of course birthdays, etc etc)
The other way a program like this can function is an alphanumeric attack where it will try every possible combination (with a set of parameters which you choose), beginning at 0000 (or wherever you choose) and ending at zzzzzzzzzzzzzzzz (or wherever you choose) and checking every combination in between. This is why many sites make you combine numbers with letters. In most alpha-numeric attacks abc123 will occur much later in the search than just abcdef or 123456.
As you can imagine, it takes time and processing power to keep trying, and failing, passwords on any account. The serious crackers will run multiple programs (sometimes on multiple computers) to help speed things up. A real hacker could harness MANY computers for this task. That kind of thing is way above my level of understanding. lol
Point being, however, this is the reason they tell you to change your PW often. The longer it remains the same, the greater the chance a skilled cracker could force their way into your account.
When I am not using shorter combos of letters and numbers (for accounts which are not particularly vital to me) I enjoy using long phrases I can easily remember.
inordertoformamoreperfectunion
or even better
inorderto4mamoreperfectunion
reply to post by iwilliam
For a hacker with the computing power to make 1000 guesses a second a five-letter random all lower case password would take three and three-quarter hours to crack
If you increase your password to twenty letters the hack time goes up
www.guardian.co.uk...
Cran
For a hacker with the computing power to make 1000 guesses a second a five-letter random all lower case password would take three and three-quarter hours to crack
If you increase your password to twenty letters the hack time goes up
and the cracking time increases, just a little bit: it's 6.5 thousand trillion centuries.
www.guardian.co.uk...
Cran
reply to post by cranspace
Yes, me also. And, believe it or not, a great many Administrators of companies also use simple, easy to guess passwords. Here is a free tip for you all, from one who has a bit of experience in these matters. A hacker uses dictionaries to crack passwords, one for all lower case, one for all Upper Case, one for numbers, and one for symbols. If you use all four in your password, then the hacker has to run all dictionaries, which takes some time to do. Delay him long enough, he will go away to another, easier computer. The 4 most common passwords I have ran across is god, love, sex, and 123456.... Go figure.
I am stunned that people would use the word Password for there security
Yes, me also. And, believe it or not, a great many Administrators of companies also use simple, easy to guess passwords. Here is a free tip for you all, from one who has a bit of experience in these matters. A hacker uses dictionaries to crack passwords, one for all lower case, one for all Upper Case, one for numbers, and one for symbols. If you use all four in your password, then the hacker has to run all dictionaries, which takes some time to do. Delay him long enough, he will go away to another, easier computer. The 4 most common passwords I have ran across is god, love, sex, and 123456.... Go figure.
Originally posted by autowrench
.Delay him long enough, he will go away to another, easier computer. The 4 most common passwords I have ran across is god, love, sex, and 123456.... Go figure.
For reasons of accuracy I would amend that first sentence to read "...he will USUALLY go away...."
In most cases this is true, of course. When you're talking about random hackers just grabbing accounts for whatever reaon... However, not so when the account is being specifically targeted for some reason. Whether that account contains important information, or desired access to information, or if the cracker in question is someone you know, trying to get into an account.
edit on 26-10-2012 by iwilliam because: (no reason given)
Um...you just GAVE US your password!!!
duh i reversed the numbers, i'm not stupid.
Someone did a study that was recently disseminated all over the web (although its originally from 2007) finding that the best passwords are actually
easy to remember phrases using two or three common words, for example Peanut Butter Jelly.
Passwords of this type would theoretically take 2000+ years to brute force and you dont have the added security issue of people having to write their passwords down on a bit of paper next to the computer (a common problem with complex alpha numeric passwords)
Heres the article if anyone wants to take a look link
Passwords of this type would theoretically take 2000+ years to brute force and you dont have the added security issue of people having to write their passwords down on a bit of paper next to the computer (a common problem with complex alpha numeric passwords)
Heres the article if anyone wants to take a look link
edit on 26-10-2012 by davespanners because: (no reason given)
Originally posted by davespanners
Passwords of this type would theoretically take 2000+ years to brute force and you dont have the added security issue of people having to write their passwords down on a bit of paper next to the computer (a common problem with complex alpha numeric passwords)
I saw that once, in a state organisation that had no internal network administrator (they had a private company doing that job for them), the computer monitor closest to the servers room had a post-it with the admin password.
It's an urban myth pretty much that you shouldn't write down your passwords. Of course having them on post it's next to the servers/computers is
bad idea but other than that. Also hackers use a trick by writing down the password but leaving a key word out of it.
new topics
-
Watts home paranormal activity
Paranormal Studies: 5 hours ago -
So, what is really going on in South Korea ?
World War Three: 5 hours ago -
Congress Says the FBI is Covering Up Vital Info on the Jan 5th 2021 D.C. Pipe Bombs at RNC-DNC.
Political Conspiracies: 6 hours ago -
The trial on kids was stopped
Medical Issues & Conspiracies: 9 hours ago -
Orbs Appear And Form Triangle On Live Cam.
Aliens and UFOs: 11 hours ago
top topics
-
Biden to award Presidential Citizens Medal to Liz Cheney and Bennie Thompson
US Political Madness: 13 hours ago, 11 flags -
Biden Has New Bizarre Injuries to His Face
Politicians & People: 12 hours ago, 11 flags -
The trial on kids was stopped
Medical Issues & Conspiracies: 9 hours ago, 9 flags -
Congress Says the FBI is Covering Up Vital Info on the Jan 5th 2021 D.C. Pipe Bombs at RNC-DNC.
Political Conspiracies: 6 hours ago, 9 flags -
Orbs Appear And Form Triangle On Live Cam.
Aliens and UFOs: 11 hours ago, 6 flags -
Elon Musk Calls for Tommy Robinson to be Freed - and Takes a Dig at Starmer
Politicians & People: 13 hours ago, 5 flags -
Something is not adding up in regards to the H-1B commotion
General Conspiracies: 12 hours ago, 5 flags -
So, what is really going on in South Korea ?
World War Three: 5 hours ago, 5 flags -
Watts home paranormal activity
Paranormal Studies: 5 hours ago, 3 flags
active topics
-
Post A Funny (T&C Friendly) Pic Part IV: The LOL awakens!
General Chit Chat • 7982 • : KrustyKrab -
Tesla Cybertruck Explodes in Front of Trump Hotel in Las Vegas
Mainstream News • 154 • : Guyfriday -
Ukraine halts transit of Russian gas to Europe after a prewar deal expired
Political Conspiracies • 115 • : Flyingclaydisk -
Biden Has New Bizarre Injuries to His Face
Politicians & People • 11 • : berbofthegreen -
Congress Says the FBI is Covering Up Vital Info on the Jan 5th 2021 D.C. Pipe Bombs at RNC-DNC.
Political Conspiracies • 21 • : charlest2 -
The trial on kids was stopped
Medical Issues & Conspiracies • 11 • : annonentity -
-@TH3WH17ERABB17- -Q- ---TIME TO SHOW THE WORLD--- -Part- --44--
Dissecting Disinformation • 3906 • : duncanagain -
Biden to award Presidential Citizens Medal to Liz Cheney and Bennie Thompson
US Political Madness • 14 • : WeMustCare -
So, what is really going on in South Korea ?
World War Three • 6 • : CriticalStinker -
The C.D.C. Says There Was NO INFLUENZA Worth Reporting for the 2020-2021 Flu Season.
Diseases and Pandemics • 98 • : WeMustCare