Page 3 of 3 FirstFirst 123
Results 21 to 21 of 21

Thread: new user passwords are now 'judged'

  1. #21
    Join Date
    Aug 2010
    Location
    Arizona USA
    Beans
    2,788
    Distro
    Ubuntu Development Release

    Re: new user passwords are now 'judged'

    Quote Originally Posted by ventrical View Post
    I have always used 9 letter passwords [...]
    Quote Originally Posted by bouncingwilf View Post
    Well my philosophy is to use a really strong password (15 Chars+) and then to set autologin.[...]

    It's my machine and I'll do what I like!
    Interesting!

    I used a 26 letter password, at one time, but... sometimes I have to use someone else's machine, like a "gas pump" at a service station (odometer reading for corporate credit card), or an ATM machine (PIN number), and they won't allow that many characters.

    I digress: I ran a program for over 2 years, on a dedicated machine, trying to randomly guess the correct order of the english alphabet (yes, I know there is no true randomness on computers). After 2 years, it had correctly guessed the first 13 letters. At 100K tries a second, I judged that it would take 1,840,645,487,000,000,000,000,000 years to guess them all -- soooo, I figured a 26 letter password was pretty safe. LoL!

    On PCs, I finally settled on 10 letters -- a mixture of caps/lower-case letters, numbers, international english keyboard characters, and punctuation symbols -- arranged in a geometric pattern.

    On other systems, you have to go with the flow. For instance, my cell phone provider only allows four numbers. Really! What a bunch of morons...

    Anyway, the 10 letter sequence I normally use, allows me to use my left "pinky" (hidden under the palm of my left hand) to press the [shift] key, so if someone is watching me type my password (over my shoulder, with a security camera, etc.) they still don't know what I typed.

    I have my web server(s) setup to use keyboard login or a virtual keyboard, so nobody can capture my login sequence with a "keylogger".

    You can do the same thing on an Ubu box by implementing Onboard or Matchbox.

    Example: I`m typing this line with Matchbox




    Anyway, it's GOOD to be a little paranoid, especially if you're connected to the web, controlling web servers remotely (including forum mods & admins), doing online banking, blah, blah, blah.
    Last edited by VinDSL; December 2nd, 2012 at 07:36 PM. Reason: Typo Demon Strikes Again
    Intel ® P4 Extreme Edition 3.4 (Gallatin) || DFI ® LanParty PRO875B rev B1
    Crucial ® Ballistix Tracer PC4000 1GB || Mountain Mods U2-UFO Opti-1203
    XFX 7600GT 560M AGP (PV-T73A-UDF3) || Corsair HX520W Modular PSU

Page 3 of 3 FirstFirst 123

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •