Jump to content
Tuts 4 You

Using Unique Website Passwords...


Teddy Rogers

Recommended Posts

Teddy Rogers

Due to recent hacks and stolen databases leaked from various websites I have been reading a bit about studies done on users' website passwords and seen various statistics on peoples poor choice of passwords; commonality, length and complexity. You would think it is quite easy to use unique passwords - and it is! Unfortunately many of us frequent numerous websites and as such human nature tends towards laziness because no one likes to remember 10 or 20+ unique passwords. People then use a password they can remember and use that password across multiple sites and don't think about lax password security exposing them to a security risk across other websites they frequent. It doesn't have to be this way.

There are a number of simple tools you can use to help generate unique complex and lengthy website passwords by only having to remember one password. Password Hasher and SuperGenPass Generator are but two of a number of tools which are able to do this and good news is some of them are plugins, extensions or addons that integrate directly within your browser.

How do they work? They simply use a hash algorithm to generate a unique password string from your own master password with that of the websites domain and/or sub-domain name. Simple. Use it! :)

Ted.

Link to comment
CodeExplorer

I use KeePass for keeping passwords
/>http://keepass.info/download.html

Also contain a password generator.

Use KeeFox to get passwords from KeePass into Firefox.
/>http://keefox.org/

And an important think: use an obscure/personal email address

  • Like 2
Link to comment
  • 1 month later...

Here's link to interesting article about "How to create and remember strong passwords" by F-Secure ...


http://safeandsavvy.f-secure.com/2010/03/15/how-to-create-and-remember-strong-passwords/

Personally,I'm using a similar technique like this,and gotta admit it's quite good method..

Example: I pick up the first or second character of the domain name,and the first/middle/last character of

the domain extension,and have inbetween there +-10 chars/numbers which i will remember for 100% sure.

The password is different for every site.

And I'm quite sure none could "hack" this 10 char "pin" of mine,since it doesn't make any sense

(except to me,birth-dates mixed with nick names/slang words) unless someone had some keylogger planted on

my computer. :)

I think that type of a method was also covered by F-Secure..

Edited by Jaymz
Link to comment
  • 2 years later...

well if i use shoty password then its mean its have doutful that any time my pass will be leakage right?


and if i use mixed chr then how ti will be..? sorry for if i wrong


Link to comment

i am taking about brute forcing attack

if a person chooses 12 character password with numbers(10) ,symbols(30) and upper/lowercase(26*2=52)

total possible pw= 92!*92!*92!*92!*92!*92!*92!*92!*92!*92!*92!*92.

P(correct pw)=1/92!*92!*92!*92!*92!*92!*92!*92!*92!*92!*92!*92

its all about permutation and combination

brute forcing this pw required time and machine power

thats why we use big mixed char password.......

im done...

Edited by souvik das
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...