Comments on: Creating a Usable, Memorable and Secure Password http://blog.softlayer.com/2012/creating-a-usable-memorable-and-secure-password/ A Behind the Scenes Look at the Best Hosting Provider in the World Mon, 20 May 2013 22:26:24 +0000 hourly 1 http://wordpress.org/?v=3.4.1 By: Risk Management: Securing Your Servers – SoftLayer Blog http://blog.softlayer.com/2012/creating-a-usable-memorable-and-secure-password/comment-page-1/#comment-44763 Risk Management: Securing Your Servers – SoftLayer Blog Wed, 14 Nov 2012 22:40:57 +0000 http://blog.softlayer.com/?p=9207#comment-44763 [...] lock the door you leave from, and you head off to your destination. If Phil is right about “locks keeping honest people honest,” simply locking your front door may not be enough. When my family moved into a new house [...] [...] lock the door you leave from, and you head off to your destination. If Phil is right about “locks keeping honest people honest,” simply locking your front door may not be enough. When my family moved into a new house [...]

]]> By: Vivek Gite http://blog.softlayer.com/2012/creating-a-usable-memorable-and-secure-password/comment-page-1/#comment-42557 Vivek Gite Sun, 16 Sep 2012 06:30:21 +0000 http://blog.softlayer.com/?p=9207#comment-42557 Good intro from Google about how to create a strong password: http://youtu.be/0RCsHJfHL_4 Good intro from Google about how to create a strong password:

]]> By: Barry http://blog.softlayer.com/2012/creating-a-usable-memorable-and-secure-password/comment-page-1/#comment-42364 Barry Tue, 11 Sep 2012 13:53:10 +0000 http://blog.softlayer.com/?p=9207#comment-42364 Great stuff. I don think using l33t adds much entropy to your password. Since you take an interest to passwords, I'm also sure you've seen this comic by XKCD: http://xkcd.com/936/ It contains some good hints that may be helpful (as a simple variant of Diceware) Also, use an encrypting password safe wherever possible. I don't even know most of my passwords and I don't miss them Great stuff.

I don think using l33t adds much entropy to your password.
Since you take an interest to passwords, I’m also sure you’ve seen this comic by XKCD: http://xkcd.com/936/
It contains some good hints that may be helpful (as a simple variant of Diceware)

Also, use an encrypting password safe wherever possible. I don’t even know most of my passwords and I don’t miss them

]]> By: Adam http://blog.softlayer.com/2012/creating-a-usable-memorable-and-secure-password/comment-page-1/#comment-42339 Adam Mon, 10 Sep 2012 22:19:13 +0000 http://blog.softlayer.com/?p=9207#comment-42339 This is also a very good security checker for password strength: https://dl.dropbox.com/u/209/zxcvbn/test/index.html It measures password entropy based on dictionary/bruteforce attacks. Using this tool you can see that the entropy of "SoftLayer Private Clouds, no assembly required." is about 120 and "S0L@Y#Rpr!Vcl0udN)#mblyR#Q" is 124 although "SoftLayer Private Clouds, no assembly required." is much easier to remember. Even if we lower the original password length to 26 characters and have "SoftLayer Private Clouds, " because of the methods of brute force attack algorithms the password will take centuries to break. For an even stronger password it's best if the words are unrelated (thus "SoftLayer Private Clouds" would most likely not be a good password to have on your SoftLayer server). This is also a very good security checker for password strength:
https://dl.dropbox.com/u/209/zxcvbn/test/index.html

It measures password entropy based on dictionary/bruteforce attacks.

Using this tool you can see that the entropy of “SoftLayer Private Clouds, no assembly required.” is about 120 and “S0L@Y#Rpr!Vcl0udN)#mblyR#Q” is 124 although “SoftLayer Private Clouds, no assembly required.” is much easier to remember.

Even if we lower the original password length to 26 characters and have “SoftLayer Private Clouds, ” because of the methods of brute force attack algorithms the password will take centuries to break. For an even stronger password it’s best if the words are unrelated (thus “SoftLayer Private Clouds” would most likely not be a good password to have on your SoftLayer server).

]]> By: Adam http://blog.softlayer.com/2012/creating-a-usable-memorable-and-secure-password/comment-page-1/#comment-42338 Adam Mon, 10 Sep 2012 21:50:17 +0000 http://blog.softlayer.com/?p=9207#comment-42338 Perhaps you should read this --> http://xkcd.com/936/ Perhaps you should read this –> http://xkcd.com/936/

]]> By: Peter M Abraham http://blog.softlayer.com/2012/creating-a-usable-memorable-and-secure-password/comment-page-1/#comment-42324 Peter M Abraham Mon, 10 Sep 2012 14:53:45 +0000 http://blog.softlayer.com/?p=9207#comment-42324 http://www.dynamicnet.net/2012/03/weak-passwords-open-doors/ is our take on the issue. The key to remember is that each application / device should have its own unique password. http://www.dynamicnet.net/2012/03/weak-passwords-open-doors/ is our take on the issue.

The key to remember is that each application / device should have its own unique password.

]]>