Top
Search n00bz.net
  • South Florida Security Resources
    • HackMiami.org
      HackMiami is made up of information security professionals, hardware engineers, network administrators, students, and those who simply enjoy technology.
    • South Florida ISSA
      The Information Systems Security Association is, "the pre-eminent trusted global information security community".
  • PenTest Solutions
    • Rapid7 Metasploit Express
      Metasploit Express is an affordable, easy-to-use penetration testing solution that provides full network penetration testing capabilities, backed by the world’s largest, fully tested and integrated public database of exploits.
    • Core Impact PRO
      Core Impact is designed to evaluate the whole of the security in an office ecosystem. It allows the user to probe for and exploit security vulnerabilities in computer networks, endpoints and web applications.
« Antivirus Options for Macs | Main | The problem with the United States »
Tuesday
May102011

Password Patterns

DateTuesday, May 10, 2011 at 11:38AM

The password "Password.1" is technically a strong password, however that is a password that JtR would be able to crack with ease.  Today in Lifehacker I read a great article about passwords.

Remember, more systems fell due to weak passwords than exploits.

From Lifehacker:

Most people, though, use the same patterns when choosing their passwords, like having the number 1 at the end, making these easier for hackers to crack.

Security expert Roger Grimes writes at InfoWorld how easily passwords can be guessed and says that these days passwords need to be longer than the mere six-to-eight characters typically used. The average password guesser can determine portions of a large majority of users' passwords:

Most professional password guessers know there is a 50 percent chance that a user's password will contain one or more vowels. If it contains a number, it will usually be a 1 or a 2, and it will be at the end. If it contains a capital letter, it will be at the beginning, followed by a vowel. The average person has a working vocabulary of 50,000 to 150,000 words, and they are likely to be used in the password. Women are famous for using personal names in their passwords, and men opt for their hobbies. "Tigergolf" is not as unique as CEOs think. Even if you use a symbol, an attacker knows which are most likely to appear: ~, !, @, #, $, %, &, and ?.

 

http://lifehacker.com/5800346/what-professional-password-guessers-look-for-in-your-password

Authorn00bz Network | CommentPost a Comment | Reference21 References |
tagged in

References (21)

References allow you to track sources for this article, as well as articles that were written in response to this article.

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Notify me of follow-up comments via email.