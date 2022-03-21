 Skip to content
Do you have adblock enabled?
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(NBC Washington)   Is your password less than 8 characters long? YOU'RE GONNA GET HACKED. IN FACT, YOU'VE PROBABLY BEEN HACKED ALREADY   (nbcwashington.com) divider line
58
    More: Scary, Computer security, Cryptographic hash function, Lower case, Letter case, Password cracking, Capital letter, Dictionary attack, simple passwords  
•       •       •

693 clicks; posted to Main » on 21 Mar 2022 at 5:26 PM (41 minutes ago)   |   Favorite   |   Watch    |   share:  Share on Twitter share via Email Share on Facebook



58 Comments     (+0 »)
Log in (at the top of the page) to enable voting.
View Voting Results: Smartest and Funniest


Oldest | « | 1 | 2 | » | Newest | Show all

 
HedlessChickn [TotalFark] [OhFark]
‘’ 1 hour ago  
fewer
 
JessieL [TotalFark]
‘’ 1 hour ago  
1. Use a password manager.

2. Any site or system that's letting attackers try billions of passwords without locking them out has probably bigger issues.
 
Thoreny [TotalFark]
‘’ 1 hour ago  
I've been using the same password since 1997

No hacker is gonna scare me off my stoop
 
Thoreny [TotalFark]
‘’ 1 hour ago  

JessieL: Use a password manager


Not needed today. Web browsers have that built in. And they have secure password generation as well.
 
cherryl taggart [TotalFark] [OhFark]
‘’ 1 hour ago  
If my posts start making sense, I've been hacked.  I use the same password everywhere.
 
JessieL [TotalFark]
‘’ 1 hour ago  

Thoreny: JessieL: Use a password manager

Not needed today. Web browsers have that built in. And they have secure password generation as well.


That is using a password manager. I know plenty of people who have modern browsers and refuse to use the built-in password manager for some reason.
 
Bootleg [TotalFark] [OhFark]
‘’ 1 hour ago  

JessieL: Thoreny: JessieL: Use a password manager

Not needed today. Web browsers have that built in. And they have secure password generation as well.

That is using a password manager. I know plenty of people who have modern browsers and refuse to use the built-in password manager for some reason.


I don't like to, because then I either have to sync the browsers between systems or dig around in the browser's manager when I need to log into something on, say, the kid's system.

/Not even counting work stuff.
 
OldRod [TotalFark] [OhFark]
‘’ 1 hour ago  
So I should append "678" to my existing password?

My luggage only has 5 tumblers though, so I'll be forced to remember two numbers now...
 
bingethinker [TotalFark] [OhFark]
‘’ 49 minutes ago  
So don't use "password", use "password!" and you'll be OK.
 
UberDave [TotalFark] [OhFark]
‘’ 42 minutes ago  
"reindeer flotilla"
 
Unoriginal_Username
‘’ 39 minutes ago  

Thoreny: I've been using the same password since 1997

No hacker is gonna scare me off my stoop


That's a good one, using spaces. But maybe add a number or special character. Also remember, Fark doesn't actually mask passwords when entered into chat
 
Persnickety [TotalFark] [OhFark]
‘’ 38 minutes ago  
Many years ago I used the nonsense phrase correcthorsebatterystaple as a password everywhere but then suddenly one day the hackers got into all my accounts.  What gives?
 
jdlenke
‘’ 37 minutes ago  
************** Is my password. Seems like Fark just knows what a password is and automatically switches it to asterisks.
 
Boo_Guy
‘’ 37 minutes ago  
If the website they're trying to get into doesn't lock them out after 3 to 5 wrong attempts then delete your account with them instead.
 
bughunter [recently expired TotalFark]
‘’ 37 minutes ago  
Good news!  The Fark filter automatically changes your password to ******** if you add it to a comment.  See: ********

Try it for yourself!
 
tmyk [TotalFark] [OhFark]
‘’ 37 minutes ago  

bingethinker: So don't use "password", use "password!" and you'll be OK.


P@ssw0rd!

Fark user imageView Full Size
 
ISO15693
‘’ 36 minutes ago  
could take up to 438 trillion years for the average hacker to crack,

BS. If they dont crack it within 150 years they will be dead. Aint nobody got time for that.
 
mongbiohazard
‘’ 35 minutes ago  
I use a modified version of the XKCD password scheme - 3 common but random words, but I also add a capital letter and a 3 or 4 digit number in there somewhere. That should be pretty tough to crack.
 
kukukupo
‘’ 34 minutes ago  
Wow, surprised we haven't seen correct battery horse staple yet.
 
starsrift [TotalFark]
‘’ 34 minutes ago  
I've had passwords brute-forced a few times. Not much you can do about it. It hardly matters, security these days is primarily based on 2FA. Worry more about your cellphone getting stolen.
 
Hey Nurse! [OhFark]
‘’ 33 minutes ago  

bughunter: Good news!  The Fark filter automatically changes your password to ******** if you add it to a comment.  See: ********

Try it for yourself!


My3inchpenis!
 
Porous Horace
‘’ 32 minutes ago  
Yes of course, the onus is on us to be diligent.
Then the company gets hacked and all the data goes out onto the 'net.

Same deal with farking recycling.
 
Russ1642
‘’ 32 minutes ago  

JessieL: 1. Use a password manager.

2. Any site or system that's letting attackers try billions of passwords without locking them out has probably bigger issues.


That's not how passwords get hacked. First they steal the password hashes, then they run their cracking programs locally.
 
Hey Nurse! [OhFark]
‘’ 32 minutes ago  

Hey Nurse!: bughunter: Good news!  The Fark filter automatically changes your password to ******** if you add it to a comment.  See: ********

Try it for yourself!

My3inchpenis!


Hey! You said it would change it. Liar
 
Billy Liar
‘’ 32 minutes ago  
The Password is..........Bettywhite
 
Ghost Roach [BareFark] [OhFark]
‘’ 28 minutes ago  

HedlessChickn: fewer


That is a shiatty password
 
Prof. Frink [BareFark]
‘’ 28 minutes ago  

Hey Nurse!: Hey Nurse!: bughunter: Good news!  The Fark filter automatically changes your password to ******** if you add it to a comment.  See: ********

Try it for yourself!

My3inchpenis!

Hey! You said it would change it. Liar


He did-the implant added 2"
 
Peach_Fuz
‘’ 27 minutes ago  
My usual password format is 16 to 18 characters long. My password for my employer is required to be 8 characters long, including 2 capital letters, 2 numbers and 1 special character from a limited list.
 
Fireproof [OhFark]
‘’ 27 minutes ago  

bughunter: Good news!  The Fark filter automatically changes your password to ******** if you add it to a comment.  See: ********

Try it for yourself!


hunter2
 
Zyerne
‘’ 26 minutes ago  
Hah! no one will ever guess "setecastronomy"! Oh.. wait..disregard that.
Fark user imageView Full Size
 
Salmon
‘’ 26 minutes ago  
I can make my calculator spell boobs if I hold it upside down
 
LazyPredator
‘’ 25 minutes ago  

bingethinker: So don't use "password", use "password!" and you'll be OK.


That is so unsafe, I use mypassword.  Darn it, now you know, I will use yourpassword now.  Crap, you know that one too.  How about iforgotmypassword, is that enough letters.
 
Unsung_Hero
‘’ 25 minutes ago  
Length is more important than complexity.  "MyPasswordIsClever!" is orders of magnitude more secure than "9as$%ht8".

Random character passwords are just brutally difficult for humans to remember or type in, they're not the slightest bit more difficult for computer to crack with a rainbow table lookup.  And if you use one of the most common short passwords, it's probably going to be extremely vulnerable to a brute force attack.
 
Fireproof [OhFark]
‘’ 25 minutes ago  
Fark user imageView Full Size
 
Persnickety [TotalFark] [OhFark]
‘’ 24 minutes ago  

Billy Liar: The Password is..........Bettywhite



Fark user imageView Full Size
 
TheOtherGuy
‘’ 23 minutes ago  

mongbiohazard: I use a modified version of the XKCD password scheme - 3 common but random words, but I also add a capital letter and a 3 or 4 digit number in there somewhere. That should be pretty tough to crack.


It's cute, but, unfortunately, already outdated.

Crypto mining has vastly increased the quality of the hardware available to botnets, and I've personally seen a demonstration that a broad dictionary hack is possible to build from scratch with modest effort in only a day or two.

That means that, regardless of length, any passphrase with recognizable words, from any language, including fictional ones and even the gibberish from, say, Lovecraft's The Call of Cthulhu since it's in the Public Domain, can be cracked in a human timescale (hours or days, not weeks or longer).

Oh, and apparently accounting for obfuscation via "complexity" where you cunningly replace "a" with "4", "o" with "0", "i" with "!", etc., is so easy that, as a cipher, it's pointless, as is including random uppercase.

IMO, you now have to use 11 - 16 characters (depending on whether we're talking about your spam-bucket email or your online banking account) minimum, and it can't contain any recognizable sequences of words, abbreviations, acronyms, dates, times, phone numbers or addresses.

I have a stock set of phrases (mostly movie quotes but some are just funny things people have said to me over the years which are memorable), plus dates and phone numbers all obscure to me (i.e. all associated with people no longer in my life or never connected to me in the first place).  I acronym-ize the phrases ("The Quick Brown Fox Jumped Over The Lazy, Sleeping Dog" becomes "TQBFJOTLSD", for example), then chop them up with bits and pieces (never more than 3 digits long) of the dates & phone numbers.

This is the only way I've been able to produce long strings of seeming alphanumeric gibberish that can be reproduced from memory.
 
Abox
‘’ 23 minutes ago  
They already hacked my computer and took pictures of me fapping to embarrassing porn apparently.
 
Persnickety [TotalFark] [OhFark]
‘’ 22 minutes ago  

Unsung_Hero: Length is more important than complexity.  "MyPasswordIsClever!" is orders of magnitude more secure than "9as$%ht8".

Random character passwords are just brutally difficult for humans to remember or type in, they're not the slightest bit more difficult for computer to crack with a rainbow table lookup.  And if you use one of the most common short passwords, it's probably going to be extremely vulnerable to a brute force attack.


Agreed.  Someone ought to make a web comic about this.
 
rfenster
‘’ 22 minutes ago  

JessieL: 1. Use a password manager.

2. Any site or system that's letting attackers try billions of passwords without locking them out has probably bigger issues.


They aren't trying every combination on the site....They've already hacked the site's database and are generating random passwords until they match the MD5 (or whatever) string that is in your account record's 'password' field.
 
Space Banana Physicist
‘’ 21 minutes ago  

Abox: They already hacked my computer and took pictures of me fapping to embarrassing porn apparently.


Fark user imageView Full Size
 
Abox
‘’ 21 minutes ago  

TheOtherGuy: "The Quick Brown Fox Jumped Over The Lazy, Sleeping Dog"


Isn't it just lazy dogs
 
CrazyCurt [TotalFark]
‘’ 20 minutes ago  
How did they know all of my passwords are Iveprobablybeenhackedalready?

/ I've known way too many boomers with "password".
 
King Something
‘’ 19 minutes ago  
Fark user imageView Full Size
 
paleryder69 [TotalFark] [OhFark]
‘’ 19 minutes ago  
Bettywhite8AlanLuden think about that and then get the mind bleach out..
 
Knautilus [BareFark]
‘’ 17 minutes ago  
If you are not using MFA, you are going to be hacked.  8 character passwords my arse.
 
JessieL [TotalFark]
‘’ 16 minutes ago  

Russ1642: JessieL: 1. Use a password manager.

2. Any site or system that's letting attackers try billions of passwords without locking them out has probably bigger issues.

That's not how passwords get hacked. First they steal the password hashes, then they run their cracking programs locally.


rfenster: JessieL: 1. Use a password manager.

2. Any site or system that's letting attackers try billions of passwords without locking them out has probably bigger issues.

They aren't trying every combination on the site....They've already hacked the site's database and are generating random passwords until they match the MD5 (or whatever) string that is in your account record's 'password' field.


If they already have the hash file (and the salt) then the length of your password is moot. A longer password doesn't make a longer hash, so they'll eventually find a collision anyway.
 
discrete unit [TotalFark]
‘’ 14 minutes ago  
Fark user imageView Full Size
 
jjorsett
‘’ 12 minutes ago  
That would explain many of the boneheaded opinions I see online. Nobody real could actually believe that crap.
 
TheOtherGuy
‘’ 10 minutes ago  

Abox: TheOtherGuy: "The Quick Brown Fox Jumped Over The Lazy, Sleeping Dog"

Isn't it just lazy dogs


meme-arsenal.comView Full Size
 
Mad Canadian
‘’ 10 minutes ago  

jdlenke: ************** Is my password. Seems like Fark just knows what a password is and automatically switches it to asterisks.


xxx-xx-xxxx is my Social Security number - Fark knows those look like as well!
 
Displayed 50 of 58 comments


Oldest | « | 1 | 2 | » | Newest | Show all


Log in (at the top of the page) to enable voting.
View Voting Results: Smartest and Funniest

Redisplay/refresh comments
 
If you're having problems voting, quoting, or posting comments, try disabling any browser add-ons that might disable Javascript (NoScript, AdBlock, etc). See our FAQ.
 
   Forgot password? Create an account to make comments
 
If you can see this, something's wrong with your browser's CSS support. (Or you're a spambot.)
 
Before adding a comment, please take a minute to review our posting rules and our legal/privacy policy.
By commenting, you agree to these terms. You might also want to take a look at our FAQ.

Continue Farking

If you like these links, you'll love

TotalFark

Come check out what's behind the curtain.

learn more | sign up
On Twitter

  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.