Solved

How secure is a password consisting of a repeated 7-digit number with a letter in between?

Posted on 2006-07-02
Last Modified: 2011-04-14
How secure is a password consisting of a repeated 7-digit number with a letter in between? Example: 6095283r6095283.
Question by:brokenlove
17 Comments
 
LVL 14

Assisted Solution

by:FriarTuk
FriarTuk earned 50 total points
ID: 17027126
if it finds the hash for either side (ie the #'s), then the other side will be instant & 1 letter is easy

a good pswd should be 8 digits or more
has combo of letters (upper & lower), numbers, & special characters (without any known words in a dictionary - nor names or personally related #'s like phone, addr, etc)

ex:  iculo0kn@mE2
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 100 total points
ID: 17027374
According to "experts" there is no correlation between complexity and difficulty to break. The *only* relative criteria is password length.
Example:
"My mother was born in March"  <== yes spaces can be used in a passphrase
With 27 characters it is much more difficult to break than any 15-digit password regardless of complexity or combinations of digits, numbers, letters, capitals, or other
Myg00DPa$$w0rD at 14 characters with combinations of lower case, upper case, numbers and other ($$) is more likely to be cracked than a 16 letter passphrase that is easy to remember.
 
0
 
LVL 12

Assisted Solution

by:public
public earned 50 total points
ID: 17028123
>According to "experts" there is no correlation between complexity and difficulty to break.

Maybe if an algorithmic method is used. On the other hand the passphrase may be broken quickly using social engineering methods if you have used a similar strategy before.
0
 
LVL 15

Assisted Solution

by:Ryan_R
Ryan_R earned 100 total points
ID: 17028152
if you use an 8 character password that's not a dictionary word (has letters and numbers and characters) it will take approx 59 years for a pc to figure it out (year 11 exam knowledge here)

i doubt that the password is secure now that we've all seen it     ;-)

also make sure that you can remember it
0
 
LVL 10

Assisted Solution

by:fm250
fm250 earned 50 total points
ID: 17028264
It also depends on your OS, so if you have a Linux box only the first 8 chars are used in the password, the rest are ignored.
- The best practice however is to have a mix of letters and numbers and special characters that is easy for the user to remember, for example: Fr33b1rd = free bird.
- make sure that you train your users not to send their passwords through emails or post them on their screens.
- always monitor security logs and services
- don't allow weak passwords, remember that hackers start from nothing then using any user account, then get to admin or root user

- always update your software and services, since most hackers don't actually run password crackers for years, but instead use flaws and bugs to get to admin account easily.


hope this helps!
0
 
LVL 23

Assisted Solution

by:Erik Bjers
Erik Bjers earned 50 total points
ID: 17028642
It's been said, but I'm going to say it again... a password with a repeated 7 digits with a letter between is not secure.

I also agree that a combo of at least 3 of the character types (CAPITAL, lowercase, numbers 1234..., special chars !@#$%^&...) is a good idea and is important.  Also avoid dictionary words or phrases as these are easier to crack.  Replace letters with other characters like: a=@ or &, e= 3, c=(, i = ! or 1 and so on.  This makes passwords easier to remember but harder to crack.  Also come up with your own letter - char combos, and don't replace every letter with a char (if you have 2 a only replace one of them).

All this will give you a secure password.

ex: P&$$uu0rD is a strong password (I wouldn't use it... but gives you some ideas on char replacement)

eb
0
 
LVL 18

Expert Comment

by:carl_legere
ID: 17028671
a rainbow will have the 7 numbers hashed, indeed which will make finding the hash of the whole thing (15 characters) a breeze.  What is cool though is all the wasted time trying 9 digits, then 10 then 11, 12,13,14...
on my cracker (dual P4 2.8) that would add about 2 days.
0
 
LVL 44

Assisted Solution

by:scrathcyboy
scrathcyboy earned 50 total points
ID: 17028800
If you added 2 more letters and two capital letters into that mainly number string, your password would count as MAXIMUM encryption security on the Microsoft scale of login password security.  As it is now, with only one letter in lower case, it only qualifies for "low" strength encryption.  Two more lower case, makes it "medium", and add 2-3 upper case letters, and it now makes "maximum" strength encryption.
0
 
LVL 44

Expert Comment

by:scrathcyboy
ID: 17028808
OH and BTW, sorry to disagree with you all above, but MS has debugged the most secure passwords, and they include a serious number of upper and lower case letters in addition to numbers, so all the comments above, about password length is the "only" consideration, to "it doesn't matter", sorry to say you are all wrong, even lrmoore -- according to Microsoft.  And after all, MS is right, so how can we mere contributors question what Microsoft has delivered to us ?
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17028809
I would only use the string of numbers once, or at least reverse the second string.
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 17028821
Agree with scrathcyboy, length is not the only important factor; use of complexity is very important.

eb
0
 

Accepted Solution

by:stalkerz
stalkerz earned 50 total points
ID: 17029751
Having a password that is long and complex is the best option. A brute force password cracker will always start testing passwords with say: AAAAA then AAAAB, AAAAC and so forth till it runs through the alphabet, numbers etc.
So say it takes 5 hours to get to APPPP when brute forcing, then it would take much longer to get to AZZZZ, right?
From this I would say a good rule of thumb is, when using letters, to try to use ones that are near the end of the alphabet; this will increase the time it takes to brute force your password.
0
 
LVL 18

Expert Comment

by:carl_legere
ID: 17030177
interesting that the definitive source of authority on passwords, according to Scrathcyboy is.. ahem Microsoft?
0
 
LVL 5

Expert Comment

by:NAORC
ID: 17030804
http://www.securitystats.com/tools/password.php

use this tool to check the strengths of your password.
0
 
LVL 10

Expert Comment

by:fm250
ID: 17031894
Don't use the above link provided by NAORC for a real password though. You may be at risk if somebody is capturing the packets. Use it for testing and read the rest of the page, the DO’S and DONT’S. It gives you the guidelines.
0
 
LVL 44

Expert Comment

by:scrathcyboy
ID: 17033003
you are appreciating my dry sense of humour, Carl :)
0
 
LVL 15

Expert Comment

by:Ryan_R
ID: 17046868
on behalf of everyone who is sleeping on the other side of the world right now (or at least should be sleeping) thanks for the points
0
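
Added example, not part of the original thread: a small estimator that compares the keyspace a length-and-character-class rule would credit to the password in the question with the keyspace that remains once the "same half on both sides of one character" shape, which several answers call out, is taken into account. The function names and the 33-symbol count (32 ASCII punctuation marks plus space) are assumptions made for this illustration.

```python
import math
import re
import string

def charset_size(s):
    """Smallest union of common character classes that covers s."""
    size = 0
    if any(c in string.ascii_lowercase for c in s):
        size += 26
    if any(c in string.ascii_uppercase for c in s):
        size += 26
    if any(c in string.digits for c in s):
        size += 10
    if any(c not in string.ascii_letters + string.digits for c in s):
        size += 33  # assumption: 32 ASCII punctuation marks plus space
    return size

def naive_guesses(pw):
    """Keyspace if every position were chosen independently."""
    return charset_size(pw) ** len(pw)

def structured_guesses(pw):
    """Keyspace for a guesser that tries the shape X + one char + X.

    Returns None when the password does not have that shape.
    """
    m = re.fullmatch(r"(.+)(.)\1", pw, re.DOTALL)
    if m is None:
        return None
    half, sep = m.group(1), m.group(2)
    return charset_size(half) ** len(half) * charset_size(sep)

def report(pw):
    naive = naive_guesses(pw)
    structured = structured_guesses(pw)
    effective = structured if structured is not None else naive
    return {
        "length": len(pw),
        "naive_bits": round(math.log2(naive), 1),
        "effective_bits": round(math.log2(effective), 1),
        "repeated_halves": structured is not None,
    }

if __name__ == "__main__":
    # Sample passwords are the ones already posted in the thread.
    for sample in ("6095283r6095283", "iculo0kn@mE2"):
        print(sample, report(sample))
```

The effective figure accounts only for the repetition; it does not model dictionary words or digits taken from personal numbers, which the thread also warns about.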
