oneFishtwoFishthreeFishfourFuckyou

  • bluGill@fedia.io
    5 hours ago

    It is called salt and useful so long as the main part of the password is generally secure without. I have a couple common things I add to any password I have to create (generally meaning my password manager’s automatic generation is rejected), but this is only useful because I figure humans won’t guess the rest (nor will they feed that into a computer to guess the rest which probably isn’t long enough to be secure alone), and the whole then becomes long enough that a computer can’t brute force it. Note that I don’t always use exactly the same salt factors and I don’t put them in the same place - if you know what I try you can brute force my hand generated passwords with a computer but the job is much harder in hopes that you give up.

    But if at all possible I will prefer to use a generated password from my password manager which is even more secure. Humans are very bad at creating passwords - even humans who know all the things to get wrong tend to be bad at it.

  • toynbee@piefed.social
    5 hours ago

    An erstwhile co-worker used to create passwords by stringing together the names of porn actresses and, I think, adding two random numbers at the end.

    Before I started working with them, apparently they almost told the owner of the company this, but were talked down by some other compatriots.

    • PoastRotato@lemmy.world
      7 hours ago

      Maybe I’m misunderstanding the graphics, but why the hell is a password that would take 9000 years to crack not considered secure enough to be colored green? What context would even realistically allow for the password to still be relevant at that point?

    • Rhaedas@fedia.io
      8 hours ago

      A long password made of different parts that you can remember in your head is far more secure than any manager that can get hacked.

    • starlinguk@lemmy.world
      9 hours ago

      I use obscure quotes and turn letters into numbers. Example (of a quote that isn’t obscure):

      Once more into the breach, my friends.

      becomes

      0m1tb, mf!

      • toynbee@piefed.social
        5 hours ago

        That reminds me of a novel based on the HALO universe. In it, a minor character has the password `ThereOnceWasAGirl`. However, he has to type it twice to start his shift because he accidentally didn’t capitalize a letter, I think the W, when typing it.

        I read that as a teenager. I didn’t understand why the author included that detail then and I don’t now.

  • Redfox8@mander.xyz
    8 hours ago

    I once got annoyed that my apparently OK password wasn’t being accepted so went with fuckaduck plus some numbers!

  • thelittleblackbird@lemmy.world
    9 hours ago

    The point is… It does not really matter; as long as your password is not trivial, the security relies more on the algorithm than on the chosen password.

    With bcrypt + round parameters, password stretching or any other key derivation technique, even weak passwords can’t be cracked in a realistic time frame.
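
An added example, not part of the thread: salted key stretching of the kind the last comment mentions, using PBKDF2-HMAC-SHA256 from Python's standard library as a stand-in for bcrypt, plus the arithmetic for how the round count scales the work per guess. The storage format, the iteration count and the attacker rate are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

SCHEME = "pbkdf2_sha256"   # label for this example's storage format (an assumption)
ITERATIONS = 600_000       # assumed work factor; tune to your own hardware


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return 'scheme$iterations$salt$hash' with a fresh random per-password salt."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{SCHEME}${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the stretched hash from the stored salt and compare in constant time."""
    try:
        scheme, iterations, salt_hex, dk_hex = stored.split("$")
        if scheme != SCHEME:
            return False
        dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iterations))
        return hmac.compare_digest(dk, bytes.fromhex(dk_hex))
    except (ValueError, OverflowError):  # malformed record, bad hex, bad round count
        return False


def seconds_to_exhaust(candidates: int, rounds_per_second: float,
                       iterations: int) -> float:
    """Worst-case time to try every candidate against one salted hash.

    Each guess costs `iterations` PBKDF2 rounds, so stretching multiplies the
    work linearly; it does not enlarge the set of candidates to try.
    """
    return candidates * iterations / rounds_per_second


if __name__ == "__main__":
    record = hash_password("oneFishtwoFish", iterations=100_000)
    print(record, verify_password("oneFishtwoFish", record))
    rate = 1e9  # constructed figure: PBKDF2 rounds per second available to a guesser
    # 8 random lowercase letters vs. one pick from a 10,000-entry wordlist
    print(seconds_to_exhaust(26 ** 8, rate, ITERATIONS) / 86_400 / 365.25, "years")
    print(seconds_to_exhaust(10_000, rate, ITERATIONS), "seconds")
```

The per-record salt is a random value stored next to the hash so that identical passwords produce different records; the round count is what slows each guess.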