Naked Science Forum
Non Life Sciences => Geek Speak => Topic started by: syhprum on 18/08/2017 09:50:04
-
my computer tells me that a 16 bit password of random alpha numeric characters has 4.01*10^38 combinations, some web pages demand such length, it looks like overkill to me !
-
a 16 bit password
A 16 bit password has 65,536 combinations. It won't take long to try all those (unless the computer wipes its memory after 10 attempts...).
I think you mean 16 characters = 16x8 bits = 128 bits.
2128 ≈ 1038
It would take a long time for one of today's home computers to try all combinations of a 128 bit password in software.
- But those with an interest in cracking passwords use massive parallel arrays of hardware assisted machines, which can do it much more quickly, while using less electricity than your home computer would have required.
- The risk is not so much for interception by today's computers, but the risk that someone will record your computer communications, and in 10 years revisit your archived session with a far more powerful computer that can crack it easily.
But why go to the trouble of cracking 128 bit passwords?
- In the past, computer worms have done great damage by just carrying around a list of common passwords, and trying them out on every computer they encounter.
- Rather than waste time and electricity cracking passwords, its much easier to install a keyboard logger on your computer, and read what 16 character password you typed.
- At one stage, the US government was allegedly redirecting computer shipments via its own warehouse so they could install spyware before the computer was shipped to the person who originally ordered it.
-
It turns out that people are often the weak link in cybersecurity. Spear-fishing attacks are remarkably successful--apparently there are enough people with access to sensitive information who are perfectly willing to click on a link from someone they think they know, and enter in their password or other information into a "secure" webform....
-
The shortest password that cannot be resolved is "pulltheplugout".
-
"The Only Secure Computer Is One That's Unplugged, Locked In A Safe, And Buried 20 Feet Under The Ground In A Secret Location."
However that may be considered to hinder it's usefulness.
-
Most systems are cracked via internet research and social engineering. Get the sysadmin drunk and he'll give you the keys to the kingdom. Some have been brazen enough to ring a department pretending to be the sysadmin. Loose lips sink ships is a very apt saying.
-
my computer tells me that a 16 bit password of random alpha numeric characters has 4.01*10^38 combinations, some web pages demand such length, it looks like overkill to me !
Even if the alpha characters are all the same case, 16 is overkill , if it's random , (so would require a brute force search (https://en.wikipedia.org/wiki/Brute-force_search) to crack).
(https://www.thenakedscientists.com/forum/index.php?action=dlattach;topic=71207.0;attach=23795;image)
https://www.grc.com/haystack.htm (https://www.grc.com/haystack.htm)
-
Wouldn't it take a hell of a lot time for a long password like that to get cracked ?
Like, a year ? :D Is is even possible to break it ?
-
You can generate by online passwords ;D ;D
-
my computer tells me that a 16 bit password of random alpha numeric characters has 4.01*10^38 combinations, some web pages demand such length, it looks like overkill to me !
Even if the alpha characters are all the same case, 16 is overkill , if it's random , (so would require a brute force search (https://en.wikipedia.org/wiki/Brute-force_search) to crack).
(https://www.thenakedscientists.com/forum/index.php?action=dlattach;topic=71207.0;attach=23795;image)
https://www.grc.com/haystack.htm (https://www.grc.com/haystack.htm)
What if we used the cia super computer ?
-
You can generate by online passwords ;D ;D
A good iead.
-
Most of us consider that the 4 digit number that secures our bank cards is adequate.
There are fewer than 10000 combinations (because some like 1234 are forbidden)
But you only get 3 attempts before teh machine keeps the card and sends it back to the real owner.
(and the number's only useful if you actually have the card)
The login at work doesn't limit how many tries you make to put in your password.
But each time you get it wrong, the machine doubles the delay time.
So the first time you mess up it delays you by a second, the next time you wait 2 seconds and if you need 3 tries you have to wait 4 seconds.
Brute forcing that is essentially impossible in any meaningful time.
The first 20 guesses will take about half an hour, you get a few more in before it's taking all day to try just one more guess, and the one after that takes 2 days.
-
What is longest random computer password that can be resolved?
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000001
-
What is longest random computer password that can be resolved?
0000000000000000000000000000000000000000000000000000000000000000000000000000000000000001
https://dilbert.com/strip/2001-10-25
-
Try using 16 spaces.
-
Try using 16 spaces.
T r y u s i n g 1 6 s p a c e s
Doesn't seem to have achieved much.
-
Try using 16 spaces.
T r y u s i n g 1 6 s p a c e s
Doesn't seem to have achieved much.
" "