NeonWizard wrote: | ||
A word from another language is good only if someone is trying to find out the password using an english based dictionary. But in countries such as Germany, and Russia, they most likely have their own based dictionary on that language for finding passwords, as most people that live there won't use english as part of their password. |
JustinT wrote: |
Consider an extension of a dictionary attack, where foreign languages were considered. This particular statistical test involved the Pinyin Romanization of syllables in the Chinese language, in regards to Chinese users. Basically, syllables were combined to form one-syllable, two-syllable, and three-syllable words. Because the aim of this approach was exhaustion, whether or not these words were legible made no difference. As such, the statistics of the Pinyin Romanization system are this: 298 Chinese syllables form the system, indicating that there are a total of 158,404 two-syllable formations, and over 16,000,000 three-syllable formations. I won't go into the semantics of this attack, but I mention it because of the relevance to similar methodology that can be mounted against the English language. As you can see, knowing the environment aids in narrowing the field down, quite significantly. |
Mongrel wrote: |
It CAN be a date It CAN be a name It CAN be something everyone knows about you |
stevensfo wrote: |
Hi,
I've just found this forum, and I'm really indebted to you all for the excellent advice. Like the previous poster, I use foreign words and phrases as passwords and never thought there was a problem. A while ago I downloaded Axcrypt which also produces a 44 character random password if you want one. Is this a bit of overkill? However, it got me thinking about how would I store such passwords if I used one. I came up with 2 ideas: 1. Save a webpage (I tried with bbc.co.uk) and right-click on it. Select 'View code' to open the html code in Notepad. Simply insert your password between <!-- and --> and then Save changes. Who would ever think of looking there? 2. Most people nowdays have a digital camera and thus thousands of boring holiday snaps on their PC. Simply use a free steganography program to hide the password inside a jpeg. Overkill perhaps... but all good fun! Steve |
stevensfo wrote: |
However the best free program I found is GRLhidden. This hides files in almost anything and is the only 'free' program that I know which can hide files in jpegs. |
bknows wrote: |
I mostly agree, but the only advantage that I see that steg has over crypto is that crypto screams out that you have something to hide. Steg just says, "Isn't my doggie adorable?""
|
Quote: |
So to resolve this crisis, hide all your encrypted stuff in stegged files! |
moner wrote: |
can someone help me understand how password cracking or brute force works? how does a program know that a particular password that has been found is the correct one? e.g say my password was "pass", how would the computer program know that it has hit bulls eye for e.g for a pgp disk or something else...i know it might be basics for most of you but I don't know |
moner wrote: |
can someone help me understand how password cracking or brute force works? how does a program know that a particular password that has been found is the correct one? e.g say my password was "pass", how would the computer program know that it has hit bulls eye for e.g for a pgp disk or something else...i know it might be basics for most of you but I don't know |
output generated using printer-friendly topic mod, All times are GMT + 2 Hours