I would post the

" Hey! Did you know that Fark automatically filters your password? Look: ******** "

joke, but with my luck some fool farker would fall for it and I'd get banned for a week...

KeePassX (new window)

And never struggle with passwords or worry about their strength or security again. It's free....You're welcome.

meh, I use passages from the bible for my password...

_{/JUST KIDDING!!!!!!}

I love how they give no numbers, no real information, and just basically say "By using GPUs we can crack passwords faster!"

I want to see data. How many GPUs did they use? What type of password hashing algorithm were they attacking? What type of attack were they attempting?

I've searched online, and as far as I can tell, this is nothing more than "the sky is falling" and fear mongering, or at least, the media misconstruing the results of this "research."

If someone has a link to actual data, I'd LOVE it!

Why wouldn't a 1 minute delay after every 5 failed attempts squash this in the bud?

Lt. Cheese Weasel: KeePassX (new window)

And never struggle with passwords or worry about their strength or security again. It's free....You're welcome.

man,.I don't want to know what assX is, let alone keep it...

vernonFL: /hot

//is it me or does the lighting and shadow make their noses look really freaky?

My password is 12345

From the link in the article:
"Now take the first letter of every word in the [password generating] sentence, and include the punctuation. You can throw in extra punctuation, or turn numbers into digits for variety"

That is f*cking brilliant. It creates incredibly nonsensical passwords and is super easy to remember. I'm going to do this with all my passwords as soon as I get home.

/can't believe I haven't seen this anywhere before

I have a biometric breathalyzer on my computer. If it can't detect my DNA and at least a .04 BAC when I blow in the tube, it won't unlock.

Ninja Wicked: My password is 12345

great, now i have to change the combination on my luggage

rFarke: Lt. Cheese Weasel: KeePassX (new window)

And never struggle with passwords or worry about their strength or security again. It's free....You're welcome.

man,.I don't want to know what assX is, let alone keep it...

Gosh, that was funny.

*watching the clock*...get me outa here and into a vodka tonic...asap.

It doesn't matter how many characters are in it if you leave it on a post-it note stuck to the side of your monitor...

Ninja Wicked: My password is 12345

Ninja Wicked: My password is 12345

That's the kind of thing an IDIOT has on their Luggage!

jaylectricity: Each character in my password needs the "alt" key and 4 digits.

I almost read that as "alt and F4" and I thought wow that's pretty l33t.

my 6 digits are just fine.

Ninja Wicked: My password is 12345

Liar! I trusted you!

So, password length is important, but the fact that when you're on a http:// link YOU ARE PASSING THAT PASSWORD IN THE CLEAR isn't? If there's a https:// option, use it, and if there isn't, bug the webmaster until there is

El Morro: From the link in the article:
"Now take the first letter of every word in the [password generating] sentence, and include the punctuation. You can throw in extra punctuation, or turn numbers into digits for variety"

That is f*cking brilliant. It creates incredibly nonsensical passwords and is super easy to remember. I'm going to do this with all my passwords as soon as I get home.

/can't believe I haven't seen this anywhere before

So, now everyones password will be either LOL, OMG or STFU.

From QDB:

#136524 +(9577)- [X]

I tried setting my hotmail password to penis.
It said my password wasn't long enough. :(

/gotta love bash.org

Mine is 10. not ten characters. the number 10.

Old school: Bewbs1975
Grad School: GObama2008
Back to School: Unemplyd2008

palelizard: I have a biometric breathalyzer on my computer. If it can't detect my DNA and at least a .04 BAC when I blow in the tube, it won't unlock.

wouldn't your boyfriend be able to log in almost all the time then?

My password is ************

g4lt: So, password length is important, but the fact that when you're on a http:// link YOU ARE PASSING THAT PASSWORD IN THE CLEAR isn't? If there's a https:// option, use it, and if there isn't, bug the webmaster until there is

Port 80 is in the clear. 443/https is a handshake agreement to encrypt the data stream between browser and server via certificates.

Some websites allow for super-long passwords. The longest one Boyd has seen is at Fidelity.com, a financial site that lets users create 32-character passwords.

believe it or not, Univeristy of Alabama in Birmingham's career site had a user login that could take a hundred characters for both the username and the password.

Lt. Cheese Weasel: turn numbers into digits for variety

Never would've thought of that one on my own.

Ninja Wicked: My password is *****

Strange.. all I saw was "*****"

Guess FARK's filters are getting better.

g4lt: So, password length is important, but the fact that when you're on a http:// link YOU ARE PASSING THAT PASSWORD IN THE CLEAR isn't? If there's a https:// option, use it, and if there isn't, bug the webmaster until there is

Not quite. The protocol for the URL that processes the form needs ot be https - you can load the form unencrypted though, just sending your info to the server is the important part.

We could go to 12 digit passwords, or you know, we could design systems that respond when you type in the wrong password more then 15 or 30 times in a row... 30 attempts and your IP is banned for a week, then for the next hour any 3 failed password attempts gets from any IP gets an hour ban. (even just the 30 attempt thing) But no, we should be required to memorize passwords that get ever longer because there is no way to detect millions of failed password attempts against a single account!

vernonFL


/hot

//is it me or does the lighting and shadow make their noses look really freaky?

Could be the camera lens.

Number,Number, Crazy symbols for the end.

I mean seriously, how hard could it be?

69DEADmau5?! FTW

skyotter
great, now i have to change the combination on my luggage

Mine's 54321. It's twice as cunning.

/still prefers yaddayaddayadda

Because you wouldn't want anyone getting into your account at DeviantArt and deleting all your furry porn.

On systems that matter, my ID is disabled after three invalid logon attempts.

You would think that would make it pretty hard to "crack".

Of course none of the internet crap cares how many times you try to login so probably should increase the length of those accounts.

Lt. Cheese Weasel: g4lt: So, password length is important, but the fact that when you're on a http:// link YOU ARE PASSING THAT PASSWORD IN THE CLEAR isn't? If there's a https:// option, use it, and if there isn't, bug the webmaster until there is

Port 80 is in the clear. 443/https is a handshake agreement to encrypt the data stream between browser and server via certificates.

don't confuse protocols with ports. http://example.com:443 can still be valid, if extremely stupid

Pocket Ninja: Good thing I've got 14.

Too bad you still use LM hash though.