21

Well done Google, well done.

I think you should really work on your password checking algorithm, or it may look as though as you are **purposefully** are trying to make it as easy as possible to hack your users' accounts. Well done.

I just typed in one word. ONE FRACKING WORD. The word is, you're going to love it, Buddhism. Wow. Apparently no computer can guess an EIGHT LETTER WORD that starts with a capitol letter.

Comments
  • 3
    If you check the js of the password checker I bet it’s still pretty simple. Most will approve concat(stateCode, homePhone) as super secure ie “CA555-867-5309”.
  • 18
    I don't get the google hate.

    What is wrong with you? Did someone hurt you?

    Simple solution; don't type in a fucking word.
  • 2
    @D--M jeez, you’re angry, lad. I’m just saying that google seems a bit insecure for how popular it is, that’s all.
  • 7
    My passwords are human friendly brute force difficult.
    Examples would be

    PowerAmongMenDespiteYourself1!

    ThisCakeIsActuallyKindaDry!!!

    IsThisTooMuchGravitas?

    Points if anyone gets the references
  • 1
    @seraphimsystems My passwords are similar, but they are always very out of context and usually use improper grammar.

    Sometimes I use out of context code that would make any programmer tear his hair out. Such as if something == true.
  • 5
    Use a password manager and don't look at the random characters...
    Example? Here: "PJ,tCd(3Y7~)4hrS{b"
    No current or near future computer will able to get it.
  • 7
  • 2
    @irene will, not really. Using a dictionary attack assuming user use concatenated words and adding 1 number and one symbol at the end, for this is common behavior makes plain random passwords harder to compute than yours.
  • 4
    @irene if the letters password is made from whole words, a Rainbow Table attack would have much easier time with it than the random symbols one, however. Which means that a equal sized passwords, of words and symbols, the symbols one is safer, because it will be safe against one type of attack, but equally vulnerable in the rest.
  • 0
    @irene for the sum of words is always smaller than all possible combinations of letters, not even considering numbers and symbols here, it doesn't.
    Best however will always be a long random password.
  • 0
    @irene yup, rainbow table is dictionary of password to hash but backwards (from hash look for password) and using salt makes rainbow tables obselet unless you know salt too than your hashing is obselet.. Lol..@SeriousM
  • 0
    Don't forget that two words together hash differently than some function of combining the hashes for two seperate words.

    So unless your rainbow table has that exact entry, you won't have a hash that helps.
  • 1
    I suppose everyone agrees "Buddhism" isn't a strong password 8)
  • 1
    @yendenikhil @irene @HelloItsMe @aritzh why not use long uncommon words, characters in between and Chinees or Japanese or some language like that? The symbols would throw off dictionary attacks and the eastern characters rainbow tables because who else uses those characters? Or am I completely missing something simpel here?
  • 1
    My passwords are in a local language...where I'm from. Hack that😂
  • 1
    @Charmesal you lose ease of use
  • 1
    My passwords are like
  • 1
    My password generator uses dictionary words, and a combination of letters that might sound like a word, all combined by -
    Eg, blue-goel-nice-gemaphroty-narkme
    Then I use 1Password to keep it all stored
  • 0
    @ChainsawBaby I use dashlane to manage my passwords.
  • 1
    @aritzh my words usually use Russian-English and British spelling. I don’t think dictionaries can bust it.
  • 0
    Bitwarden is suggested in other threads. I've checked it out, looks great!
  • 0
    @irene that's where the eastern characters come in to play
  • 0
    @irene I had that idea also. But then I thought of the many companies that check passwords badly or don't support the latest updates. There was this bank that had a server crash because of an emoji in the transfer description... So for now I'll stick to my good old Welcome2007!
Add Comment