Comment Re:What's so hard about remembering passwords? (Score 1) 388
This is similar to what I teach to my users. Take something familar and build a password from it. Take a quote from a book, a bible scripture, a passphrase... then extract/add/replace some extra characters, to build a stronger password. My users are learning. Once they get the hang of it we move them onto using made up, but memorable to them passphrases to start with.
One problem with common phrases, names of football players, etc. is the abundance of word lists available for dictionary attacks (using l0phtcrack, etc.) I have word lists for many subjects (medical, computer, biblical, actors names), in many languages (even hindu, swahili, and polish), and lists collected from years of succesful dictionary attacks. Just browse Google for 'word lists'
Like the story about the bear and the two hikers "I don't have to outrun the bear, I just have to outrun YOU!" one hiker says to the other as he slips on his Nikes. You want to make sure your password isn't among the first ones broken.
Use the same tools the black hats do to audit your own systems and users. It's an education!
HC
One problem with common phrases, names of football players, etc. is the abundance of word lists available for dictionary attacks (using l0phtcrack, etc.) I have word lists for many subjects (medical, computer, biblical, actors names), in many languages (even hindu, swahili, and polish), and lists collected from years of succesful dictionary attacks. Just browse Google for 'word lists'
Like the story about the bear and the two hikers "I don't have to outrun the bear, I just have to outrun YOU!" one hiker says to the other as he slips on his Nikes. You want to make sure your password isn't among the first ones broken.
Use the same tools the black hats do to audit your own systems and users. It's an education!
HC
