Survivalist Forum banner

1 - 18 of 18 Posts

·
Proverbs 22:3
Joined
·
897 Posts
Discussion Starter #1
In the military; we needed a few different passwords, and they changed often. Here is how I wrote passwords down so noone could use them and they can be any length.
I am using a standard computer keyboard(QWERTY).
I start with one line of keys going diagonally up or down. With the shift key, the same line can be caps. or lowercase and numbers or symbols.
For an actual password, Ill use BGT%6yhnMJU&
Start with holding the shift key and go up the line from B to the number 5.
Go down the next line from the number 6 to the letter n.
Shift key again up from the letter M to the number 7.

To write the password so noone can read it, the hint is B6Mr
Capital B so you know to start at the B line with the shift key for the entire line.
6 so you use the next line without the shift key. (^ if caps for that line).
Capital M for caps up that line.
r is the slant from the top line. If you go up the "B" line on a right slant, it is BGT%. if you go up the "B" line to the left, it is BHU*.
I usually use the same slant for all lines, but you could mix left and right.
When you write the hint; everything to the left of "r" is right slant, everything to the left of "l" is left slant.
VFR$4esz would be written as hint: Vr4l

Just hate to have 20 passwords to remember and writing them is risky. This works for me to create very secure passwords and hints hard to decipher.

Hope this helps.
 

·
Registered
Joined
·
226 Posts
I think this is pretty solid advice. However, there's a difference between a password being easy to guess, and easy to crack. In the latter case, following any pattern might potentially increase the odds of breaking the password. The best thing you can do to prevent your password from being cracked is to use the maximum number of characters allowed.
 

·
Registered
Joined
·
1,525 Posts
I use a 4096 private/public key to vpn to the computers a work. I think for most purposes that is more than enough security.
I used a password cracker where a work and found most of the passwords wthin a couple hours. That's why I use the key method when I hit the internet.
 

·
Hubris begets Nemesis
Joined
·
7,751 Posts
Another easy way to create a difficult to crack password is to start with a phrase you know well. It could be a line from a song, a saying or some quote you easily remember, and then take the first letter from each word to make your password. Be sure to use quotation, question and exclamation marks.

Example: "Don't fire 'til you see the whites of their eyes!"

"Df'ystwote!"

Easy to remember or transmit-difficult to break.
 

·
Scarred for life...
Joined
·
3,295 Posts
A password based on the location of keys on a keyboard is not strong.

This is one of the first algorithms a hacker will try. There are ONLY a few (relatively) million possible passwords and they will be among the first tried.

I got this tip from a guy who worked for Microsoft.

Do a search for PGP key and look until you find something like this....

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (Darwin)
Comment: For info see http://www.gnupg.org

mQGiBDuVqKgRBAD5Mcvdc41W5lpeZvYplEuyEBXwmxnUryE2KaCG1C06sGyqgiec
VPXPbgIPKOUt4veMycVoqU4U4ZNuIeCGPfUvkGKLKvy5lK3iexC1Qvat+9ek2+yX
9zFlTo9QyT4kjn+xaZQYVctL370gUNV4eoiWDdrTjIvBfQCb+bf87eHv0QCg/7xt
wnq3uMpQHX+k2LGD2QDEjUcEALalUPPX99ZDjBN75CFUtbE43a73+jtNOLJFqGo3
ne/lB8DqVwavrgQQxQqjg2xBVvagNpu2Cpmz3HlWoaqEb5vwxjRjhF5WRE+4s4es
9536lQ6pd5tZK4tHMOjvICkSg2BLUsc8XzBreLv3GEdpHP6EeezgAVQyWMpZkCdn
Xk8FA/9gRmro4+X0KJilw1EShYzudEAi02xQbr9hGiA84pQ4hYkdnLLeRscChwxM
VmoiEuJ51ZzIPlcSifzvlQBHIyYCl0KJeVMECXyjLddWkQM32ZZmQvG02mL2XYmF
/UG+/0vd6b2ISmtns6WrULGPNtagHhul+8j7zUfedsWuqpwbm7QmTWFyayBBZGxl
ciA8bWFkbGVyQGFsdW1uaS5jYWx0ZWNoLmVkdT6IWAQQEQIAGAUCO5WoqAgLAwkI
BwIBCgIZAQUbAwAAAAAKCRB4P82OWLyvunKOAJ9kOC1uyoYYiXp2SMdcPMj5J+8J
XQCeKBP9Orx0bXK6luyWnCS5LJhevTy5Ag0EO5WoqRAIAPZCV7cIfwgXcqK61qlC
8wXo+VMROU+28W65Szgg2gGnVqMU6Y9AVfPQB8bLQ6mUrfdMZIZJ+AyDvWXpF9Sh
01D49Vlf3HZSTz09jdvOmeFXklnN/biudE/F/Ha8g8VHMGHOfMlm/xX5u/2RXscB
qtNbno2gpXI61Brwv0YAWCvl9Ij9WE5J280gtJ3kkQc2azNsOA1FHQ98iLMcfFst
jvbzySPAQ/ClWxiNjrtVjLhdONM0/XwXV0OjHRhs3jMhLLUq/zzhsSlAGBGNfISn
CnLWhsQDGcgHKXrKlQzZlp+r0ApQmwJG0wg9ZqRdQZ+cfL2JSyIZJrqrol7DVeky
CzsAAgIH/2jFmKAQqHAE17H0lACW+vTj1F1o3r2Ygn+p/uyHdy+V+bpueS+bBAa/
PvJuUiLh1IqaYDRSXbtscrpW29THnoLU7bRFsphfbDPHFn3k41zzne/mULpojl8J
P4NKqo066uxGFuT5TIzthWx/yMfUhylUvWtHhlFJfjwb935BGQSeB4cHqnEny8il
Pwh8rDdN2d+oLXbtQSZcx8vAT8Vsz+L7TxIue0NXRQ2P/jq3ZQZ8Ck6Z3ustKwG4
v8JOhcQxkPOr3WqSyOdZE8b5GMfPqmV6hOAhuX1mwBQ0FUzWSFiTYGDF+yoJfBb8
Pu8wqibL/ym7qJyBG+YTVYn5VU1pQQCITAQYEQIADAUCO5WoqQUbDAAAAAAKCRB4
P82OWLyvuk/PAJ9VUlRm3imyC/pPB2j1LFge6rOUYQCg3bZJ9Majq/tKROXopRHO
taTApkk=
=OOMX
-----END PGP PUBLIC KEY BLOCK-----


Each line here is approximately 64 characters long, so if your particular app has a maximum of 64 characters youll be fine.

Once you have this info just pick and number, at least 4 or 5 characters long. DONT use your SS number or some other personally identifiable number.

Your first number is the line of this code you will use.

The second is the number of the character in that line you will change. You will change it either forward or backwards the number of your third number.

Continue until you are finished in this fashion.

In the end, all you must remember is your personal number and exactly how that number will affect your pgp key number.

A 64 character password is virtually unbreakable. There are 5477211901915463633986786204115100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
possible combination's.

Just dont forget how to find the location of your pgp key and you personal number...
 

·
Student/Teacher
Joined
·
164 Posts
Check out GRC.com for Steve Gibson's perfect paper password or his password generator .

If you are into computer security listen to his podcast security now .

This guy is really into computer security IMHO a genius. I f you go back through his podcast he talks all about vpns, encryption, and types of vulnerabilities. He also has many free utilities that I have found useful.
 

·
AAAH GET TO ZE CHOPPA!
Joined
·
1,554 Posts
look up truecrypt if you want to get some good security for a folder or an entire drive.

The trick is not to make a "crack-proof" password, but to make a password so hard to crack that it isn't worth the effort or resources to try and crack it. There are two main types of attack- dictionary attacks that use a pre-compiled list of common words, phrases, and their variations... and brute force attacks that literally try random combinations until it guesses the right one. ANY password can be brute forced, but it could take centuries or millenia if the password is good enough.

You want your password to be random enough that a dictionary attack won't be able to nab it- and no, don't just rely on leet speak (like saying $a11y instead of Sally)- dictionary attacks look for that now. The big challenge is that the most secure passwords are also the hardest ones to remember. One simple but effective way to do it involves taking the first letter in a random passage of a book or poem you like, NOT a famous quote or line that could be in a dictionary. Then change it with leet speak. The longer the password is, the harder it is to brute-force attack.

Throwing symbols between words like # or % help as well, as they don't really fit in any phrase or series of words.

example:

1. It is very hard to think of an example sentence to use.
2. take first letter of each --> Iivhttoaestu
3. leet speak --> 1ivh77o4e$tu

You get the idea.
 

·
Registered
Joined
·
6 Posts
Personally, I would take a line out of a favorite song, convert it to l33t speak.

"Amazing grace, how sweet the sound that saved a wretch like me. I once was lost, but now I'm found. Was blind but now I see."

"Agh$tst$awlm.10wl,bn1f.Wbbn1$."

A password cracker, even brute force dictionary crackers are going to have a hard time with that one. Though obviously I don't use this password.
 

·
Prepping = life insurance
Joined
·
1,458 Posts
If you're having problems with remembering passwords, get a password management utility (KeePass or Passwordsafe) or piece of hardware (Mandylion).
 

·
Registered
Joined
·
1,746 Posts
Use maximum length passwords, using Unicode characters if possible, ASCII if not. 1024 characters of mumbo-jumbo will keep most out, but they can always go to the source. Best bet is to not use a computer.
 

·
Banned
Joined
·
1,711 Posts
A 64 character password is virtually unbreakable. There are 5477211901915463633986786204115100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
possible combination's.
Scientific notation is your friend.
 

·
Registered
Joined
·
49 Posts
Here is something I suggest to clients when they complain about remembering passwords that have high complexity requirements (eg, requirements for upper and lower case, length and numerics)

1.) Find a song that you like and know the words to your favourite verse/chorus.
2.) Sing the song in your head
3.) As you sing the song, use the first letter, or the last letter of each word
4.) Make a couple of the letters capital
5.) insert a number or two

alternatively.
1.) take 2 dissimilar words, eg, egg and window
2.) think up a number
3.) join all 3 and make a couple of letters capital
eg. eGG99windOw

of course with all passwords lenght and character set are the keys to delaying a brute force attack. This is where regular password changing becomes important to reduce an attackers window.

Hope this helps

btw, G'day here from Australia.
 
1 - 18 of 18 Posts
Top