Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
I changed my du pw
After the hack in Nov. 2016, I made a commitment to change it every 3 months, to help avoid hacking 
4 replies
= new reply since forum marked as read
= new reply since forum marked as read
We've always argued that the most secure password is one you don't even know, and is basically incomprehensible. Security expert Thomas Baekdal argues that these incomprehensible passwords—while secure—are not as secure as a more memorable and simple phrase. In other words, this is fun is a more secure password than s$yK0d*p!r3l09ls. Here's why.
Baekdal outlines that using the three most common methods of cracking passwords—brute-force, common word, and dictionary attacks—are really only useful if a password can be cracked in a reasonable amount of time. If a password can be cracked in a few minutes, it's not a terribly secure password. If it can be cracked in about a month, that's still awhile but not entirely secure. A year is where you can start feeling secure, but the best passwords take a lifetime to crack. Baekdal states that a gibberish password, like J4fS<2, will take about 219 years to crack using a brute-force attack (the fastest method). That's secure for life, but it's not terribly easy to remember. On the other hand, a phrase like "this is fun" would take about 2,537 years to crack using a brute-force attack. It's not only more secure, but also easier to remember.
http://lifehacker.com/5796816/why-multiword-phrases-make-more-secure-passwords-than-incomprehensible-gibberish
Baekdal outlines that using the three most common methods of cracking passwords—brute-force, common word, and dictionary attacks—are really only useful if a password can be cracked in a reasonable amount of time. If a password can be cracked in a few minutes, it's not a terribly secure password. If it can be cracked in about a month, that's still awhile but not entirely secure. A year is where you can start feeling secure, but the best passwords take a lifetime to crack. Baekdal states that a gibberish password, like J4fS<2, will take about 219 years to crack using a brute-force attack (the fastest method). That's secure for life, but it's not terribly easy to remember. On the other hand, a phrase like "this is fun" would take about 2,537 years to crack using a brute-force attack. It's not only more secure, but also easier to remember.
http://lifehacker.com/5796816/why-multiword-phrases-make-more-secure-passwords-than-incomprehensible-gibberish
My webhost requires that I change passwords on a regular basis, but since I don't have to access the control panel for the website very often that pretty much means I have to change it when I do need to get in. The most recent time was just two days ago. I tried to use the concept in the article, just a regular phrase but the webhost requires one capital, one special character or number, and no spaces. So I capitalized a random word, stuck a special character into my phrase, and ran the words together. It is still easier to remember than my previous more incomprehensible passwords were.
