Re: Password Cracking

["David J. Bianco" <bianco () jlab org>]

GuidoZ wrote:
> Most people can remember a date/name, and combining multiples of such
> can make for good passwords as well. Say you have 3 cats with the
> names Snowball, Pepper, and Bob. Make your password like
> "Snowball1Pepper2Bob3" or something to that effect. It's easy for the
> person to remember, yet would be difficult for someone to guess. 

Even the old Crack program has built-in rules for combining dictionary
words with numbers and/or symbols between them when checking passwords.
I wouldn't really recommend generating passwords this way.  For easy to
remember passwords that are still fairly strong, the most common method is
to use first letters of words in a sentence, as someone else has already
mentioned.  If you generate passwords based on dictionary words and
numbers/symbols, they probably won't be as strong as you'd like.

        David


--
David J. Bianco, GSEC GCUX GCIH         <bianco () jlab org>
Thomas Jefferson National Accelerator Facility
GPG Fingerprint:  D150 8054 5191 29D8 2FEB  C2BB C6B9 29ED 8365 AF0B

     The views expressed herein are solely those of the author and
            not those of SURA/Jefferson Lab or the US DOE.


---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------