Cryptographic Strength of Passwords
The first thing I noticed logging into this site was the requirement for passwords to act as the primary key for the blockchain.
Interesting concept, made me think a little about the strength of passwords I use. You can go to various websites to check password strength (obviously not with a real password but one similar).
For example logmeonce
Using various randomly generated passwords (length 16) = time to crack is 6 trillion to 6 sextillion years (for a bunch of passwords I tried).
Increase length to 20, you get a bunch of passwords with a minimum time to crack of 6 sextillions years (some up into the nonillion year range).
Quite a big difference for 4 extra characters...
Trouble is try to remember a password like that (I do know that it is possible.
(
)
How about strings of random words?
Two Words
6 days (cursecharm)
97 billion years (eigenvectorconfused)
12 years (flirtbleakly)
8000 years (luxuryfrontier)
Three words
65 trillion years (admiralroboticmessiah)
97 billion years (flimsybeangeometric)
Four words
30 quintillion years (existentsoongymnistbreath)
9 octillion years (parasiticacrobaticwreckagepolar)
... and so on
Of course you need to find an offline way to generate the words. Should be easy enough
for example
$ for i in 1 2 3 4 5; do sed -n -e ${RANDOM}p /usr/share/dict/british-english; done
clannish
antibacterials
abashing
boater's
BASIC's
Interesting...
ehhhh, I'm no expert but I'm seriously doubting the time it would take to crack those. Personally I try not to use anything less than a 128 bit quality. Those passwords are ...
Use those passwords on a NXT wallet and see how long your wallet last. ;) It's nothing to do with NXT security, they're just weak passwords. I remember reading about a lot of people losing their funds back in the day for using weak passwords like the above. NXT started recommending or requiring not sure which, 35 chars minimum on passwords.
It's no different on your STEEM wallet here either. I would not trust my wallet here with passwords like that. The difference here is that you have some time to do something if you're Powered Up. Again I'm no expert, but I read enough horror stories to never use passwords less than 128 bit where I could.
No they are weak passwords... I agree and wouldn't use passwords with less than 4 words (based on the above somewhat spurious analysis).
Just illustrating the point. It's good to try to get memorable passwords using concatenated words, but you probably need at least four words.
Congratulations @robbieburns! You have received a personal award!
Click on the badge to view your Board of Honor.
Do not miss the last post from @steemitboard!
Participate in the SteemitBoard World Cup Contest!
Collect World Cup badges and win free SBD
Support the Gold Sponsors of the contest: @good-karma and @lukestokes
Congratulations @robbieburns! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking
Do not miss the last post from @steemitboard:
Vote for @Steemitboard as a witness to get one more award and increased upvotes!