Master Password Generator & vault
- les
- Experimentor
- Posts: 6126
- Joined: Thu Apr 19, 2007 10:04 am
- Gender: Male
- Sexual Orientation: Bisexual/Bi-Curious
- I am a: Dom (Male)
- Sub/Slave(s): My serfs
All 2 True is head Serf - Location: London England
- Contact:
Master Password Generator & vault
Off-Line Password Generator & Vault For Desktop & Mobile
I look forward to Doxy giving this a yes OR no vote,
In light of recent security leak scandals, people are beefing up security on their personal accounts to paranoid levels. Security is always at a premium and to serve that end there are numerous solutions available.
http://www.addictivetips.com/windows-ti ... tor-vault/
Lord Les
Be careful what you wish for!
Growing OLD Is Inevitable,
But Growing UP... Is Optional
OR
Why do I have to stop being a KID now I can afford it.
Be careful what you wish for!
Growing OLD Is Inevitable,
But Growing UP... Is Optional
OR
Why do I have to stop being a KID now I can afford it.
Re: Master Password Generator & vault
That cant be right...it surely must take more time!the phrase 7&62-0~!vbB can be guessed in about 3 days at 1000 guesses/sec.
Stoya Denisa Heaven
Blue Angel Caprice
Blue Angel Caprice
Re: Master Password Generator & vault
No that's not right and here's a few reasons why.
1) According to GRC's Password Haystack¹ in order to exhaust all possible combinations of that letter space it would take 1.83 billion centuries at 1,000 attempts per second. Granted you wouldn't have to try every possible combination to get to this particular password, but I'm still going to venture a guess that you won't be breaking it within a few million years at that rate.
2) An attack of this scale would never go unnoticed by system administrators. Large sites would notice it relatively quick and smaller sites would be overwhelmed by it. Either way they would most certainly take steps to stop/slow any such attack.
3) Take a look around at any site using modern software and you'll see that after a few failed attempts they lock an account for a set period and will often times require a captcha after it's unlocked. This means that at best you could do a few dozen tries a minute. Breaking an 8 character password at that rate becomes almost impossible.
For anybody that has doubts I'd ask this simple question; if it is possible to break a complex password with brute force over the internet in a few days or even weeks then why isn't it happening on a regular basis? There are unscrupulous people all around the world that have access to servers that would be able to do such a thing if it was really possible.
¹ https://www.grc.com/haystack.htm
1) According to GRC's Password Haystack¹ in order to exhaust all possible combinations of that letter space it would take 1.83 billion centuries at 1,000 attempts per second. Granted you wouldn't have to try every possible combination to get to this particular password, but I'm still going to venture a guess that you won't be breaking it within a few million years at that rate.
2) An attack of this scale would never go unnoticed by system administrators. Large sites would notice it relatively quick and smaller sites would be overwhelmed by it. Either way they would most certainly take steps to stop/slow any such attack.
3) Take a look around at any site using modern software and you'll see that after a few failed attempts they lock an account for a set period and will often times require a captcha after it's unlocked. This means that at best you could do a few dozen tries a minute. Breaking an 8 character password at that rate becomes almost impossible.
For anybody that has doubts I'd ask this simple question; if it is possible to break a complex password with brute force over the internet in a few days or even weeks then why isn't it happening on a regular basis? There are unscrupulous people all around the world that have access to servers that would be able to do such a thing if it was really possible.
¹ https://www.grc.com/haystack.htm
Re: Master Password Generator & vault
Thanks James.
BTW, I dont agree with GRC that D0g..................... is more difficult to crack than the other one. As pointed out in the other thread, password crackers can employ "strategies" that humans use in order to generate passwords. And padding is a known common strategy.
BTW, I dont agree with GRC that D0g..................... is more difficult to crack than the other one. As pointed out in the other thread, password crackers can employ "strategies" that humans use in order to generate passwords. And padding is a known common strategy.
Stoya Denisa Heaven
Blue Angel Caprice
Blue Angel Caprice
- DoxysTurtle
- Explorer At Heart
- Posts: 309
- Joined: Wed Oct 05, 2011 4:07 am
- Gender: Male
- Sexual Orientation: Straight
- I am a: Submissive
- Location: USA
- Contact:
Re: Master Password Generator & vault
Security is a complex issue, with lots of debates over encumberance vs effectivness.
The issue with offline password storage is that someone can copy the vault/files over more easily for a brute force attempt. Being able to do this, removes any ability for the system to lock things out from many bad guesses, along with allowing various other techniques for finding memory exploits in the program.
However using different passwords for each site, and non-patterned ones, does make you overall considerably more secure, as then a single site being compromised doesn't compromise your other logins. So it can be argued to increase security, along with having a higher security than writing them out on paper.
The issue with offline password storage is that someone can copy the vault/files over more easily for a brute force attempt. Being able to do this, removes any ability for the system to lock things out from many bad guesses, along with allowing various other techniques for finding memory exploits in the program.
However using different passwords for each site, and non-patterned ones, does make you overall considerably more secure, as then a single site being compromised doesn't compromise your other logins. So it can be argued to increase security, along with having a higher security than writing them out on paper.
Who is online
Users browsing this forum: No registered users and 12 guests