# How much secure is a password conting a repeted two 7-digits with a letter between?

How much secure is a password conting a repeted two 7-digits with a letter between? example :6095283r6095283 .
###### Who is Participating?

x

Commented:
Having a password that is long and complex is the best option. A brute force password cracker will always start testing passwords with say: AAAAA then AAAAB, AAAAC and so forth till it run's through the alphabet, numbers etc.
So say it takes 5 hours to get to APPPP when brute forcing, then it would take much longer to get to AZZZZ right.
From this I would say a good rule of thumb is when using letters, to try use one's that are near the end of the alphabet, this will increase the time it takes to brute force your password.
0

Commented:
if it finds the hash for either side (ie the #'s), then the other side will be instant & 1 letter is easy

a good pswd shoulb be 8 digits or more
has combo of letters (upper & lower), numbers, & special characters (with out any known words in a dictionary -nor names or personally related #'s like phone, addr, etc)

ex:  iculo0kn@mE2
0

Commented:
According to "experts" there is no correlation between complexity and difficulty to break. The *only* relative criteria is password length.
Example:
"My mother was born in March"  <== yes spaces can be used in a passphrase
With 27 characters is much more difficult to break than any 15-digit password regardless of complexity or combinations of digits, numbers, letters, capitals, or other
Myg00DPa\$\$w0rD at 14 characters with combinations of lower case, uppper case, numbers and other (\$\$) is more likely to be cracked than a 16 letter passphrase that is easy to remember.

0

Commented:
>According to "experts" there is no correlation between complexity and difficulty to break.

Maybe if an algorithmic method is used. On the other hand the passphrase may be broken quickly using social engineering methods if you have used a similar strategy before.
0

if you use an 8 character password that's not a dictionary word (has letters and numbers and characters) it will take approx 59 years for a pc to figure it out (year 11 exam knowledge here)

i doubt that the password is secure now that weve all seen it     ;-)

also make sure that you can remember it
0

Commented:
It also depends on your OS, so if you have linux box only first 8 chars are used in the password, the rest are ignored.
- The best practice however is to have mixed of letters and numbers and spcicial charaters and easy for the user to remember for example: Fr33b1rd = free bird.
- make sure that you train your users to not to send their password through emails or post them to thier screens.
- always moniter security logs and services
- don't allow week passwords, remember that hackers start from nothing then using any user account, then get to admin or root user

- always update your software and services, since most hackers don't actually run password crakers for years, but instead uses flows and bugs to get to admin account easily.

hope this helps!
0

It's been said, but I'm going to say it again... a password with a repeated 7 digits with a letter between is not secure.

I also agree that a combo of at least 3 of the character types is a good idea (CAPITAL, lowercase, numbers 1234..., special chars !@#\$%^&...) is important.  Also avoide dictonary words or phrases as these are easier to crack.  Replace letters with other characters like; a=@ or &, e= 3, c=(, i = ! or 1 and so on.  This makes passwords easier to remeber but harder to crack.  Also come up with your own letter - char combos, and don't replace every letter with a char (if you have 2 a only replace one of them).

All this will give you a secure password.

ex: P&\$\$uu0rD is a strong password (I woulden't use it... but gives you some ideas on char replacment)

eb
0

Commented:
a rainbow will have the 7 numbers hashed, indeed which will make finding the hash of the whole thing (15 characters) a breeze.  What is cool though is all the wasted time trying 9 digits, then 10 then 11, 12,13,14...
on my cracker (dual P4 2.8) that would add about 2 days.
0

Commented:
If you added 2 more letters and two capical letters into that mainly number string, your password would count as MAXIMUM encrytion security on the mocrosoft scale of login password security.  As it is now, with only one letter in lower case, it only qulaifies for "low" strength encryption.  Two more lower case, makes it "medium", and add 2-3 upper case letters, and it now makes "maximum" strength encryption.
0

Commented:
OH and BTW, sorry to disagree with you all above, but MS has debugged the most secure passwords, and they include a serious number of upper and lower case letters in addition to numbers, so all the comments above, about password length is the "only" consideration, to "it doesnt matter", sorry to say you are all wrong, even lrmoore -- according to microsoft.  And after all, MS is right, so how can we mere contributors question what microsoft has delivered to us ?
0

I would only use the string of numbers once, or atleast reverse the second string.
0

Agree with scrathcyboy, length is not the only important factor use of complexity is very important.

eb
0

Commented:
interesting that the definative source of authority on passwords, according to Scrathcyboy is.. ah hem Microsoft?
0

Commented:

0

Commented:
Don't use the above link provided by NAORC for real password though. you may be  at risk if somebody is capturing the bakets. use it for test and read the rest of the page, the DO’S and DONT’S. it gives you the guidlines
0

Commented:
you are appreciating my dry sense of humour, Carl :)
0