{"id":1463,"date":"2012-04-02T09:53:53","date_gmt":"2012-04-02T07:53:53","guid":{"rendered":"http:\/\/zerga.dyndns.org\/wordpress\/?p=1463"},"modified":"2012-04-02T11:36:49","modified_gmt":"2012-04-02T09:36:49","slug":"whats-your-password","status":"publish","type":"post","link":"https:\/\/zerga.de\/wordpress\/2012\/04\/02\/whats-your-password\/","title":{"rendered":"What&#8217;s your password?"},"content":{"rendered":"<p><a href=\"http:\/\/zerga.dyndns.org\/wordpress\/wp-content\/uploads\/2012\/04\/root.jpg\" rel=\"lightbox[1463]\"><img loading=\"lazy\" class=\"aligncenter size-medium wp-image-1541\" src=\"http:\/\/zerga.dyndns.org\/wordpress\/wp-content\/uploads\/2012\/04\/root-300x225.jpg\" alt=\"\" width=\"300\" height=\"225\" srcset=\"https:\/\/zerga.de\/wordpress\/wp-content\/uploads\/2012\/04\/root-300x225.jpg 300w, https:\/\/zerga.de\/wordpress\/wp-content\/uploads\/2012\/04\/root.jpg 500w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>Over the years of internet usage, most of us grew accustomed to the fact, that we should choose passwords, that are not plain text. No, they should be as cryptic to our eyes as possible: containing numbers in random positions, special characters like &#8216;@&#8217; instead of &#8216;a&#8217; and some of the letters have to be capitalized. What sounds so plausible is only based on the fact, that we are not good at remembering them, so we *think* those passwords are secure. But are they really?<\/p>\n<p><!--more-->Usually those passwords are hard to remember but still easy to crack for a computer. Sure, there are dictionaries that help to brute force attack a password with the most common known passwords out there and its usually a good idea not to use those combinations ever. For example, the top of the list contains the passwords &#8216;12345&#8217; and &#8216;123456&#8217; or the outburst of creativity: &#8216;password&#8217;.<\/p>\n<p>But&#8230; how do i recognize a secure password then?<\/p>\n<p>Actually, if we take a totally random password like &#8216;!oWu3@&#8217; and compare it to the password &#8216;iowuea&#8217; &#8211; which one do you think is more secure? You say the first one? Wrong! They are equally secure, because they contain the same amount of characters. What we perceive in complexity of the first choice does not make a difference when a computer brute forces a password randomly without any prior assumptions. Furthermore, the attacker does not get any feedback on how close each attempt was to the solution. It is either right or wrong. So in both cases, he or she does not know whether the password contains any special characters at all nor if he got at least some characters right.<\/p>\n<p>So what can i do to make my password more secure?<\/p>\n<p>Make it longer! We can take one thing for sure: an attacker will not start brute forcing a password with 100 characters and then go down to 6 but always the other way around. So your best bet to increase entropy is to stretch out your password. It does not even have to contain a rocket-science chain of characters &#8211; you might as well just fill it up with one and the same: use &#8216;password:::::::::::::::::::::::&#8217; as your password and it will be super secure!<\/p>\n<p style=\"text-align: center\"><a href=\"http:\/\/zerga.dyndns.org\/wordpress\/wp-content\/uploads\/2012\/03\/password_strength1.png\" rel=\"lightbox[1463]\"><img loading=\"lazy\" class=\"aligncenter  wp-image-1532\" src=\"http:\/\/zerga.dyndns.org\/wordpress\/wp-content\/uploads\/2012\/03\/password_strength1.png\" alt=\"\" width=\"466\" height=\"379\" srcset=\"https:\/\/zerga.de\/wordpress\/wp-content\/uploads\/2012\/03\/password_strength1.png 740w, https:\/\/zerga.de\/wordpress\/wp-content\/uploads\/2012\/03\/password_strength1-300x243.png 300w\" sizes=\"(max-width: 466px) 100vw, 466px\" \/><\/a><\/p>\n<p>If you don&#8217;t trust neither XKCD nor myself, I have two other cool options for you to generate and remember passwords:<\/p>\n<ol>\n<li>Analog: <a href=\"http:\/\/www.passwordcard.org\/en\" target=\"_blank\">http:\/\/www.passwordcard.org\/en<\/a><\/li>\n<li>Digital: <a href=\"http:\/\/en.wikipedia.org\/wiki\/KeePass\" target=\"_blank\">KeePass<\/a><\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Over the years of internet usage, most of us grew accustomed to the fact, that we should choose passwords, that are not plain text. No, they should be as cryptic to our eyes as possible: containing numbers in random positions, special characters like &#8216;@&#8217; instead of &#8216;a&#8217; and some of the letters have to be [&#038;hellip<\/p>\n","protected":false},"author":2,"featured_media":1541,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0},"categories":[6],"tags":[323,322,321,183,180],"_links":{"self":[{"href":"https:\/\/zerga.de\/wordpress\/wp-json\/wp\/v2\/posts\/1463"}],"collection":[{"href":"https:\/\/zerga.de\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zerga.de\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zerga.de\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/zerga.de\/wordpress\/wp-json\/wp\/v2\/comments?post=1463"}],"version-history":[{"count":16,"href":"https:\/\/zerga.de\/wordpress\/wp-json\/wp\/v2\/posts\/1463\/revisions"}],"predecessor-version":[{"id":1545,"href":"https:\/\/zerga.de\/wordpress\/wp-json\/wp\/v2\/posts\/1463\/revisions\/1545"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/zerga.de\/wordpress\/wp-json\/wp\/v2\/media\/1541"}],"wp:attachment":[{"href":"https:\/\/zerga.de\/wordpress\/wp-json\/wp\/v2\/media?parent=1463"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zerga.de\/wordpress\/wp-json\/wp\/v2\/categories?post=1463"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zerga.de\/wordpress\/wp-json\/wp\/v2\/tags?post=1463"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}