Spyware, Viruses, & Security forum

General discussion

Strong Passwords

by The ancient one / January 28, 2009 2:27 AM PST

From what I have been reading it seems that the "Standard" password - 8 character, alpha-numberic, both upper & lower case plus symbols is not considered strong enough. What is considered to be a strong password.

Discussion is locked
You are posting a reply to: Strong Passwords
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Strong Passwords
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Re: Strong passwords
by Marianna Schmudlach / January 28, 2009 2:34 AM PST
In reply to: Strong Passwords

A strong password should appear to be a random string of characters to an attacker. It should be 14 characters or longer, (eight characters or longer at a minimum). It should include a combination of uppercase and lowercase letters, numbers, and symbols.

Password checker

Collapse -
Thanks Marianna
by The ancient one / January 28, 2009 7:09 AM PST
In reply to: Strong Passwords

I have no problem with going to 14 characters with alpha/numeric, upper and lower case plus symbols, but I do have somewhat of a problem with making it appear to be a random string and also making it easy enough to remember.

Collapse -
How does this sound......
by Marianna Schmudlach / January 28, 2009 7:25 AM PST
In reply to: Thanks Marianna
Whether the answer is one or hundreds, Password Safe allows you to safely and easily create a secured and encrypted user name/password list. With Password Safe all you have to do is create and remember a single "Master Password" of your choice in order to unlock and access your entire user name/password list.

Security starts with you, the user. Keeping written lists of passwords on scraps of paper, or in a text document on your desktop is unsafe and is easily viewed by prying eyes (both cyber-based and human). Using the same password over and over again across a wide spectrum of systems and web sites creates the nightmare scenario where once someone has figured out one password, they have figured out all your passwords and now have access to every part of your life (system, e-mail, retail, financial, work).

Collapse -
by phil66 / January 28, 2009 9:11 AM PST

I use Keepass Password Safe because it is compatible with Keepassx which is the Linux equivalent.


Both program really do the same thing as far as saving your passwords.

Try it you'll like it.

Collapse -
Random Strings of letters
by mwrittle / January 30, 2009 10:20 AM PST
In reply to: Thanks Marianna

The trick is to use something like the first letter of each word in a mnemonic phrase.
For example: "My Secret Password Is Known Only To Me" might yield the password mspiko2M. Or you could swap i and o for one and zero.
Or "Dogs and cats give me sneezes but hamsters give me too many giggles" = DaCgmS-bHgm2mG

Microsoft stores passwords in chunks of seven characters. It takes much less time to crack one chunk than two. So passwords improve a lot at 8 characters and at 15.

It is also easier for hackers to find words in passwords. This is why apparently random sets of letters make it harder. Just check your tough phrase does not come out as a word!

Collapse -
It depends.
by gsmollin / January 30, 2009 11:26 AM PST
In reply to: Strong Passwords

It depends on what you are protecting. Your dog's name may be a good enough password for all those internet forums and corporate websites that want you to register. 8-16 alphanumeric plus spaces and symbols is good enough for medium security. American Express limits the number of characters to 8, so they're not concerned.

The TrueCrypt freeware encryption program recommends 25 characters or more, plus allows keyfiles to be added. This is pretty strong protection.

Collapse -
Proper Password
by mwooge / January 30, 2009 2:36 PM PST
In reply to: Strong Passwords

There are two rules for making a password:
1. It should a confusing mess of characters, so complicated even you can't remember it.
2. Don't write it down anywhere.

Therefore, you can't remember it nor read it, so you're locked out. So why bother having a password?

Collapse -
Confuding but memorable
by TheBigfut / January 30, 2009 8:02 PM PST
In reply to: Strong Passwords

The even easier way to make it appear off is by misspelling the words on purpose then add in numbers and Caps randomly. If you use an application for work only you might want to have a certain type of build or method. Versus for personal sites have another type of mixture that way you can remember along the right path if you do forget. To make something that is not an apparent word, but still memorable to the mind sounds more difficult than it is in reality.

Collapse -
it doesn't have to be a word
by chriss03 / January 30, 2009 9:45 PM PST
In reply to: Strong Passwords

most people seem to think that a password must be one contiguous string of letters, i.e. a word.
how about "i love the smell of fresh cut flours" as a password?
replace the o's with zeros, capitalize the last letter of each word, misspell some of the words, make it atey-8 flours, just don't fall into the mindset that it must be a word.
if access is denied because of the uses of spaces, leave them out. of course that does bring us back to the one word concept, but is a lot easier to remember a sentence than random string of letters, characters, and numbers.

Collapse -
strong password
by Sylentsam / January 31, 2009 3:36 AM PST
In reply to: Strong Passwords

There are many ways to save/remember passwords.
I use a program called RoboForm.
Now, all you have to remember is ONE password, the software will do the rest.

Collapse -
keep it simple
by H-bound / January 31, 2009 4:50 AM PST
In reply to: Strong Passwords

You could just use Your mothers maiden name, Your dogs name, Your wifes' name etc. in a single "word". Just replace all the a's, e's i's and o's with 4's and 3's 1's and 0's... and start all names with caps
easy to remember and quite hard to crack

Collapse -
keep it simple cont.
by H-bound / January 31, 2009 5:06 AM PST
In reply to: keep it simple

waht I meant to say was use all of the above as a password. eg. M0m1nl4w_D4ughte3rD0g. And what do You have? -A strong password that's easy to remember...

Collapse -
by H-bound / January 31, 2009 5:27 AM PST
In reply to: keep it simple cont.
Collapse -
To nick.scientist. Post deleted.
by MarkFlax Forum moderator / January 31, 2009 7:40 PM PST
In reply to: Strong Passwords

Your web site advertising is deleted.


Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?