{"id":136,"date":"2006-04-19T03:49:45","date_gmt":"2006-04-19T03:49:45","guid":{"rendered":"https:\/\/www.darknet.org.uk\/2006\/04\/good-password-guidelines-how-to-make-a-strongsecure-password\/"},"modified":"2010-06-21T17:29:02","modified_gmt":"2010-06-21T16:29:02","slug":"good-password-guidelines-how-to-make-a-strongsecure-password","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2006\/04\/good-password-guidelines-how-to-make-a-strongsecure-password\/","title":{"rendered":"Good Password Guidelines – How to Make a Strong\/Secure Password"},"content":{"rendered":"
<\/p>\n
This is common sense for most people on the hacking side of computer security, as we know how easy it is to break a password when it’s only a few characters long or uses a dictionary word (even if it is postfixed with a couple of digits, a hybrid dictionary attack breaks it pretty fast).<\/p>\n
Even more so if you are utilising some decent Rainbow Tables and the RainbowCrack<\/a> method (time\/memory trade-off).<\/p>\n The basics of creating a secure password:<\/p>\n Some potential weaknesses to avoid:<\/p>\n Once you have a good password it’s equally important to keep your password secure:<\/p>\n And never label that scrap of paper in any way; write it down on the back of an old business card or something that doesn’t indicate it’s a password.<\/p>\n Don’t give anyone who finds (or gains access to) your purse\/wallet any clue of what the password means or what it is related to. <\/p>\n 128-bit entropy in a password requires a long randomized passphrase, which wouldn’t be very usable; there has to be a trade-off somewhere between security and usability.<\/p>\n You can also use online password generators such as http:\/\/makemeapassword.com\/<\/a>. The problem with these, however, is that while they do create strong passwords, those passwords aren’t easy to remember, which kind of defeats the purpose.<\/p>\n Another thing you can do is use something like a password safe to keep all the hard-to-remember passwords in one place. The one I would recommend is from Bruce Schneier<\/a> and is actually called “Password Safe”.<\/p>\n Password Safe is an Open Source (free) tool that allows you to have a different password for all the different programs and websites that you deal with, without actually having to remember all those usernames and passwords. Password Safe runs on PCs under Windows (95\/98\/NT\/2000\/XP).<\/p><\/blockquote>\n You can find it here: http:\/\/passwordsafe.sourceforge.net\/<\/a><\/p>\n Any other inputs?<\/p>\n <\/p>\n