Comments on: How To Make a Simple Password — Unhackable for 580 million years!

By: Adam Jonsson

Adam Jonsson — Fri, 22 Jan 2010 09:42:17 +0000

My standard password is 10–12 characters so thanks for assuring me that I’m pretty safe. Of course that I can’t remember all of them — they are stored in KeePass database

By: Fairmutex

Fairmutex — Thu, 07 Jan 2010 05:10:59 +0000

Good explanation you have all my respect

But all of this assumes that the passwords are not stored hashed

Because hashing the password will loose some information so that you can never recover the password back. If the password is hashed then it takes less time to guess than described here because multiple passwords map to the same hash. Those who know a bit of math will understand this.

Example with binary (this is not what happens in reality just to give the gist to normal users)
Assume a password is 3 characters long
Lets say we remove the last character from password so that the password is not recoverable (i know this only need two attempts but am trying to make it simple to you)

set of passwords hash
000 00
001 00
010 01
100 10
101 10
110 11
111 11

by removing the last character we made more passwords valid to match the hash in this case its divided by 2. (its the nature of the example that made this decrease the amount of time to guess linear it might be exponentially reduced in reality)

So don’t be so sure of the accuracy of the calculation above.

By: foo bar

foo bar — Sun, 06 Dec 2009 14:40:33 +0000

Correction to my bullet #1:

1) How did you come up w/ 36 combinations. 32 characters in the English alphabet .…

By: foo bar

foo bar — Sun, 06 Dec 2009 14:39:13 +0000

I didn’t read all of the comments, but I have a few questions about this.

1) How did you come up w/ 32 characters? 32 letters in the English alphabet, assuming that’s the basis here. numbers 0–9 would make that 41.… I don’t get it.

2) You say that if number of characters = 1, that would make for 32 combinations. So you’re assuming case-insensitive. You should clarify.

3) Let’s not even go into special characters (they are chars after all).

4) Finally, if someone’s password is the letter “a”, then they deserve to be hacked.

By: oes tsetnoc

oes tsetnoc — Thu, 24 Sep 2009 06:38:55 +0000

great article tutorial, i am thinking to add more special characters of all my password to prevent hackers.
oes tsetnoc´s last blog ..Increase Link Popularity By Blog Commenting

By: Garry@moistdesigns

Garry@moistdesigns — Mon, 21 Sep 2009 07:52:21 +0000

Awesome for anyone to think on this.Simple logic with rationality makes this acceptable.Even if we consider technology updates and other factors and shorten the time by half still it is long enough time to think of another password,isn’t it I liked it.

By: Volksphone

Volksphone — Sat, 19 Sep 2009 13:25:32 +0000

Ok I think 59 years for computer hacker is really secure. I didn´t not live this time from this day.

regards
Volksphone
Volksphone´s last blog ..Usability-Schnelltest für die eigene Firmenwebsite

By: Hakeem - technology and gadgets

Hakeem - technology and gadgets — Mon, 07 Sep 2009 03:45:39 +0000

What along time just to be able to discover a password.
Hakeem — technology and gadgets´s last blog ..Tech Weekly podcast: Studying at the Singularity University

By: University Heights real estate

University Heights real estate — Sun, 06 Sep 2009 00:40:26 +0000

Thanks a ton Janith, this was a perfect table explaining how many characters are suitable, with having 10 character long password, I’ve been in favor of keeping two passwords. Like logging in for email or forums, you need two passwords to sign in. You can keep one password 10-character long and the other one shorter. But as you said it would take a computer hacker 59 years, my idea might not be worth practicing it lol.

By: Vic of BusinessAccent

Vic of BusinessAccent — Mon, 17 Aug 2009 17:02:24 +0000

Wow…great great article. My first time to read such post. Thanks. What a nice illustration of numeric figures. By the way, how about special characters like %$*, do they have the same difficulty with ordinary letters and numbers?