Author Topic: Password Security ?  (Read 1671 times)

0 Members and 1 Guest are viewing this topic.

Offline zer0ping

  • NULL
  • Posts: 4
  • Cookies: -1
  • Aspiring Grey-hat
    • View Profile
Password Security ?
« on: January 13, 2016, 04:38:12 am »
Hey guys, a pretty simple question.

Does anyone encode their passwords? For example, if my password was "nickelback" and i encode it in ascii, and delete every space in between numbers, it would be "110105099107101108098097099107049" (with spaces, it is "110 105 099 107 101 108 098 097 099 107 049").  That's a helluva lot safer than "nickelback"  ;D

cheers--



=========================================================

"Yes, I am a criminal.  My crime   is that of curiosity.  My crime is
that of judging people by what they say and think, not what they look like.
My crime is that of outsmarting you, something that you will never forgive me
for." 

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: Password Security ?
« Reply #1 on: January 13, 2016, 07:44:12 am »
Hey guys, a pretty simple question.

Does anyone encode their passwords? For example, if my password was "nickelback" and i encode it in ascii, and delete every space in between numbers, it would be "110105099107101108098097099107049" (with spaces, it is "110 105 099 107 101 108 098 097 099 107 049").  That's a helluva lot safer than "nickelback"  ;D

cheers--
Numeric is the smallest character space there is , honestly , hard to remember, weak and too long for practical use.
« Last Edit: January 13, 2016, 07:44:31 am by proxx »
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline Kurajber

  • Serf
  • *
  • Posts: 43
  • Cookies: 7
  • Don't Drink and Root
    • View Profile
Re: Password Security ?
« Reply #2 on: January 14, 2016, 12:09:42 am »
Hey guys, a pretty simple question.

Does anyone encode their passwords? For example, if my password was "nickelback" and i encode it in ascii, and delete every space in between numbers, it would be "110105099107101108098097099107049" (with spaces, it is "110 105 099 107 101 108 098 097 099 107 049").  That's a helluva lot safer than "nickelback"  ;D

cheers--

If your password was "nickelback", you could just add some more words and achieve the same level of security like with your example. Eg. nickelbackfaggotssuckdicksreallyhard - way easier to remember.
« Last Edit: January 14, 2016, 12:09:53 am by Kurajber »
0000010100100000

Offline zer0ping

  • NULL
  • Posts: 4
  • Cookies: -1
  • Aspiring Grey-hat
    • View Profile
Re: Password Security ?
« Reply #3 on: January 14, 2016, 01:30:39 am »
Yeah, sounds smarter.

But if i could write my passwords in, say, notes in my phone, wouldn it better to encode a word, or a set of words, in some protocol? not necessary only numbers?

cheers--


=========================================================

"Yes, I am a criminal.  My crime   is that of curiosity.  My crime is
that of judging people by what they say and think, not what they look like.
My crime is that of outsmarting you, something that you will never forgive me
for." 

Offline Kurajber

  • Serf
  • *
  • Posts: 43
  • Cookies: 7
  • Don't Drink and Root
    • View Profile
Re: Password Security ?
« Reply #4 on: January 14, 2016, 02:28:02 am »
If you want to store your passwords somewhere I'd suggest you to use a password management software. I am not using any, so I can't recommend a specific one, but a lot of people here are, so they'll give you opinions if you're not sure which one to pick.
« Last Edit: January 14, 2016, 02:48:38 am by Kurajber »
0000010100100000

Offline kenjoe41

  • Symphorophiliac Programmer
  • Administrator
  • Baron
  • *
  • Posts: 990
  • Cookies: 224
    • View Profile
Re: Password Security ?
« Reply #5 on: January 14, 2016, 08:10:57 am »
Keepassx is what i use to keep my passwords.
But there is a way to actually go around without storing any password with any password manager but yet having too complex passwords for the human mind to remember. It is by using a custom made password generator using an algorithm that is easy to reproduce and something familiar about the site. Xires explained it to me but i lost the notes, gonna look fot it and make a tutorial here.
If you can't explain it to a 6 year old, you don't understand it yourself.
http://upload.alpha.evilzone.org/index.php?page=img&img=GwkGGneGR7Pl222zVGmNTjerkhkYNGtBuiYXkpyNv4ScOAWQu0-Y8[<NgGw/hsq]>EvbQrOrousk[/img]

Offline gh05t3d

  • /dev/null
  • *
  • Posts: 11
  • Cookies: -2
  • jabber: gh05t3d@jabb3r.org
    • View Profile
    • My website?
Re: Password Security ?
« Reply #6 on: January 17, 2016, 01:12:53 am »
why not combine the old letters/numbers? Deff hard to crack with bruteforcers/pass lists.
  n1ckl3b4ck
Jabber: gh05t3d@jabb3r.org

Offline white-knight

  • Knight
  • **
  • Posts: 190
  • Cookies: 26
    • View Profile
Re: Password Security ?
« Reply #7 on: January 17, 2016, 01:49:24 am »
Speaking of password security check this out

https://blog.kaspersky.com/password-check/


Just put in something stupid  and read the message at the bottom . It cracked me up thinking of all the kids on here trying to hack their school computers lol

Offline 0pt1musPr1m3

  • EZ's Asshole
  • Peasant
  • *
  • Posts: 89
  • Cookies: 90
  • Certified Asshole
    • View Profile
Re: Password Security ?
« Reply #8 on: January 17, 2016, 08:09:08 am »
why not combine the old letters/numbers? Deff hard to crack with bruteforcers/pass lists.
  n1ckl3b4ck

dafuq? are you serious? You really think that makes it that much harder?
Don't measure yourself by what you have accomplished, but by what you should have accomplished with your ability.

Offline n01xxv

  • Serf
  • *
  • Posts: 21
  • Cookies: 1
    • View Profile
Re: Password Security ?
« Reply #9 on: January 17, 2016, 12:28:08 pm »
Number of possibility for a password with the length n and k is the possible number of character :


So I think that n1ckl3b4ck is not so secure :D

Try password like passphrases type :
alula undress hiccup maison sorry dedicate gombroon shoal kingfish
And you can add some special caracter :
alula!undress#hiccup;Maisonsorry dedicate.gombroon,sh0alkingfish

But don't do thing that are derived from nickelback it can be guessable ;) Only use random caracter or passphrase with random words choose on different dictionnaries.
"Which came first, the bug or the exploit ?"
-- blackngel - Phrack 67 - 0x08

Offline kenjoe41

  • Symphorophiliac Programmer
  • Administrator
  • Baron
  • *
  • Posts: 990
  • Cookies: 224
    • View Profile
Re: Password Security ?
« Reply #10 on: January 17, 2016, 03:06:45 pm »
why not combine the old letters/numbers? Deff hard to crack with bruteforcers/pass lists.
  n1ckl3b4ck
There are faster bruteforcers that are going ot put you to shem if combined with permutations. This is shitballs.
If you can't explain it to a 6 year old, you don't understand it yourself.
http://upload.alpha.evilzone.org/index.php?page=img&img=GwkGGneGR7Pl222zVGmNTjerkhkYNGtBuiYXkpyNv4ScOAWQu0-Y8[<NgGw/hsq]>EvbQrOrousk[/img]

Offline Syntax990

  • Peasant
  • *
  • Posts: 129
  • Cookies: 77
  • Bruce Willis
    • View Profile
    • Evilzone "Hack"
Re: Password Security ?
« Reply #11 on: January 17, 2016, 05:37:44 pm »
Encoding passwords has always felt like bullshit to me. It gives a false sense of security of your password actually being more secure.

Password basics are well known. More characters, lower, upper, special and numbers in a random order is more than sufficient.

Besides, let's say your attacker knows what encoding you are using (In a bruteforce context), they could easily just not include charactors outisde your chosen encoding, further compromising the passwords effectiveness.