Naked Science Forum
General Discussion & Feedback => Just Chat! => Topic started by: RD on 27/09/2009 19:34:24
-
Can anyone work out what English word FTLM1XP0II is derived from ?
Only one standard mathematical operation was applied to the English word to convert it into FTLM1XP0II
[Clue FTLM1XP0II doesn't have a "Z" in it].
-
The method is as secure as your computer. If there is a way into your computer ANY information may be gotten off of it, including your method and algorithm to convert a password into "FTLM1XP0II"
NOW. as math can be grossly complicated, even for just one variable, I doubt that anyone can just guess that the original password is "F***off"
-
No computer is all that secure.
http://en.wikipedia.org/wiki/Rubber_hose_cryptanalysis
-
OK here's the method, treat the original meaningful English word as if it was a number in base 36,
then convert it to another base, in this case base 35, (that's my "one standard mathematical operation") ...
[ Invalid Attachment ]
The point of the exercise is so I can remember the password.
I can remember passwords like "CAPITALISM" but would have difficulty remembering secure gibberish like "FTLM1XP0II"
BTW "f*** off" is not a secure passphrase ...
Avoid dictionary words in any language
Criminals use sophisticated tools that can rapidly guess passwords that are based on words in multiple dictionaries, including words spelled backwards, common misspellings, profanity, and substitutions.
http://www.microsoft.com/protect/fraud/passwords/create.aspx
[ So forget all that substituting letters with lookalike numbers 80110ck5 ]
[Clue FTLM1XP0II doesn't have a "Z" in it].
Base 35 does not include "Z", it only goes up to "Y".
-
Hummmmm ..... I think someone has mistaken this forum for Benchly Park. Ain't no crypto-graphers here - at least I'm not.
-
... I think someone has mistaken this forum for Benchly Park.
Y'mean Bletchley park (http://www.bletchleypark.org.uk/), (although they probably do have benches in the park).
-
I am not from that cold little island spot in the North Sea. How should I know when the pronunciation is so far from the way it is spelled - sounds like Welsh Gaelic!
-
The more examples of the encrypted text that are available the easier it becomes to find the decryption algorithm. Any clues to the algorithm used or to the nature and length of any key reduce the problem hugely. Guessing the algorithm from one word is impossible.
-
Avoid dictionary words in any language
Criminals use sophisticated tools that can rapidly guess passwords that are based on words in multiple dictionaries, including words spelled backwards, common misspellings, profanity, and substitutions.
(Emphasis mine...)
Sophisticated? LMAO *snkr* There are ready made tools to be found all over the internet! And programming such a tool isn't even hard. You need an internet connection, or a huge harddisk at home... I'm not going to explain how... simply google for "Rainbow Tables"
And now for some completely different...
If you like to play around with cryptology check out this toy/tool
CryptTool (http://www.cryptool.com/index.php/en.html)
You can easily explore complex algoritms like Diffy-Hellmann and RSA, but you find good ol' Ceasar as well.
-
Thanks for the CrypTool Link MonikaS.
With the ever increasing computer power, (Moores "law" (http://en.wikipedia.org/wiki/Moore%27s_law)), dictionary hacks, and brute force attacks become more widely possible.
As you say the people doing this do not have to be sophisticated.
Anyone using passwords which include dictionary words are easy meat for them.
But I find trying to remember meaningless, but secure, gibberish passwords rather difficult
and have to resort to writing them down, thus rendering them less secure.
With my base conversion encryption I write down, or can remember, meaningful words, then convert them to base XX when I want to use them.
[my actual encryption method is slightly different but still uses base change to generate the gibberish pass phrase]