P@s$w0rd Cracker
The two-day course I attended this morning on Security Awareness almost made me fall asleep, well partly due to lack of sleep thanks to Man Utd vs Arsenal match. The full name of the course is Security Awareness for IT Personnel. It is sort of a small part of the introduction to BS7799/ISO17799 Certification. To those who don't know what BS means... it's British Standard (not Bull Shit), while ISO means International Organisation for Standardization. The BS7799 is an international recognised accreditation on IT infrastructure by practising the best practices in managing an IT organisation.
In the afternoon session of the course, there was a workshop to test on the passwords we use when logging in to Windows. They use a software which cracks any passwords. I think they are many softwares to do this, but this one mainly just for testing purposes, on how long it takes to crack a password.
We tested several, here are a rough estimate of the time (if i remember correctly):
p@$$w0rd = 2 min
IT55D_765 = 4 min
JGZ_783G = 4 min
$%^&FG78 = 5 min
.M1LeForcE = Took one day to crack only 4 characters.
F1rewéæll = unable to crack
So to those who have been using only numerical passwords on important personal profiles/bank accounts, etc, I suggest you do change them. Long passwords are difficult to crack, but still possible, just that it takes a longer time to do it. The last password: .M1LeForcE with a '.' in front makes it difficult to crack too.
Notice the weird characters in 'F1rewéæll', password like this is extremely difficult to crack. These weird characters are called Extended ASCII Codes, and can be found at www.lookuptables.com. To type these keys from your qwerty keyboard, you will need to hold down the 'Alt' key followed by the 3 digits which represents the ASCII code. For example: Pressing 'Alt+134' gives you this: å.
If you are using laptop, the Extended ASCII Codes can be typed by holding both 'Alt' and 'Fn' key at the same time, then type the respective 3 digits numbers from the (normally) bluish numbers and not from the usual numbered keys on the keyboard.
Have fun trying!
In the afternoon session of the course, there was a workshop to test on the passwords we use when logging in to Windows. They use a software which cracks any passwords. I think they are many softwares to do this, but this one mainly just for testing purposes, on how long it takes to crack a password.
We tested several, here are a rough estimate of the time (if i remember correctly):
p@$$w0rd = 2 min
IT55D_765 = 4 min
JGZ_783G = 4 min
$%^&FG78 = 5 min
.M1LeForcE = Took one day to crack only 4 characters.
F1rewéæll = unable to crack
So to those who have been using only numerical passwords on important personal profiles/bank accounts, etc, I suggest you do change them. Long passwords are difficult to crack, but still possible, just that it takes a longer time to do it. The last password: .M1LeForcE with a '.' in front makes it difficult to crack too.
Notice the weird characters in 'F1rewéæll', password like this is extremely difficult to crack. These weird characters are called Extended ASCII Codes, and can be found at www.lookuptables.com. To type these keys from your qwerty keyboard, you will need to hold down the 'Alt' key followed by the 3 digits which represents the ASCII code. For example: Pressing 'Alt+134' gives you this: å.
If you are using laptop, the Extended ASCII Codes can be typed by holding both 'Alt' and 'Fn' key at the same time, then type the respective 3 digits numbers from the (normally) bluish numbers and not from the usual numbered keys on the keyboard.
Have fun trying!
posted by Chalks at
8:00 PM
0 Comments:
Post a Comment
<< Home