  #11 (permalink)  
Old 06-22-2008, 02:12 PM
Member
 
Join Date: Jan 2007
Posts: 59
Crop is on a distinguished road
Default

Aren't you afraid of someone reading or stealing the paper you wrote them down on?
  #12 (permalink)  
Old 06-22-2008, 08:29 PM
Member
 
Join Date: Jun 2008
Posts: 54
LissaValerian is on a distinguished road
Default

I think the best password scheme is a password PHRASE that you then convert to letters, symbols, numbers, etc.

Something Wicked This Way Comes becomes

5w+wC!.23

5 = S from something, w is obvious, + is the T, w is obvious again, C is from comes, an exclamation point, a period, and then a couple of numbers. I usually use a set of numbers based on something or another: the last 2 digits in the IP address, or the first 2 digits, or if I'm changing the passwords multiple times, it might be that particular iteration, or whatever. But the point is that I use a pass phrase and then haxor it up. So it's easy enough to remember even though it looks like some random letters and symbols. I try to use quotes that are somewhat known, but not TOO well known.

Neither a borrower or lender be:

n @ brlb!.38 (spaces added to avoid this thing auto creating a hyperlink)

WWIII will be fought with sticks and stones: (Albert Einstein)

ww3wbfw5&5

All the world's a stage:

@ +wa5 . 23 again, with a dot and some numbers after it.

Anyways, those are some of my ideas.

- pass phrase, take first letters of each phrase, haxor it up.

Easy to remember, hard to figure out, in my opinion.

Don't worry, I didn't give you guys any of MY passwords. Doh!
  #13 (permalink)  
Old 06-23-2008, 02:42 PM
Tor Tor is offline
Senior Member
 
Join Date: Oct 2007
Posts: 384
Tor is on a distinguished road
Default

Wow Lissa, that is good information! Do you have a script that does this for you or do you do this manually?
  #14 (permalink)  
Old 06-23-2008, 02:50 PM
Member
 
Join Date: Jun 2008
Posts: 54
LissaValerian is on a distinguished road
Smile

Well, in my own business, because it's small, I handle this all manually.

At one of the large companies, we would do the passwords manually and then propagate them via scripts.

But now that you mention it, that's not a bad idea to write a script to generate something like that ....

Hmmmmmmmmm



~ Lissa Valerian
  #15 (permalink)  
Old 06-24-2008, 02:05 PM
Member
 
Join Date: Jun 2008
Posts: 67
EugenS is on a distinguished road
Default

But if someone knows the system, it could be easily decrypted, couldn't it?
  #16 (permalink)  
Old 06-24-2008, 02:33 PM
Member
 
Join Date: Jun 2008
Posts: 54
LissaValerian is on a distinguished road
Post

Quote:
Originally Posted by EugenS View Post
But if someone knows the system, it could be easily decrypted, couldn't it?
They'd have to know a couple of things:

1. the specific quote or pass phrase
2. how it was haxored up
3. what methodology is used for the digits at the end.

I'm sure that if you can script a password generator, you can script something to hack it.

I've just found my passwords to be a bit more difficult than most, and I've not had any complaints (other than that they were a bit complex - which really isn't a *bad* thing, lol).

Most of my coworkers complained that I was too literary, so I started using some movie quotes instead. I think they liked that better. LOL.

I just harassed them and told them it was the only way I'd ever get them to read Shakespeare. :-)
  #17 (permalink)  
Old 06-27-2008, 09:35 PM
Member
 
Join Date: Jun 2008
Posts: 67
EugenS is on a distinguished road
Default

Ha ha, good method of getting someone to read more Shakespeare these days. I might be interested in trying that myself.
  #18 (permalink)  
Old 06-28-2008, 10:39 AM
Super Moderator
 
Join Date: Dec 2007
Location: Denmark
Posts: 273
v0id is on a distinguished road
Default

I do usually use somewhat the same method as Lissa, but not exactly like that. I wrote a script based on the method of Lissa. I've made some minor edits in it though. My own method is somewhat different, and I'll not talk anymore about it, or you'll be able to guess all of my passwords. ;-)


How it works:

1. Receive a "helping string," which can be some phrase, quote, or whatever the user has in mind.
2. Count the number of words in the string, and choose 1/3 of the words randomly.
3. The random words will result in numbers (which always are good in passwords, to make them stronger). The number will simply come from the length of the word.
4. The first letter of the rest of the words will simply be used.
5. Combine them all, and we have a good, strong and easy-to-remember password.


Why people will not be able to guess it, although they know the algorithm:

1. They'll have to know the "helping string."
(2. The words chosen for numerizing are randomly chosen)

The last one (2.) is in parentheses as it can be bruteforced easier than the first one (1.). The first one is almost unbruteforcable, as it's a creation of the user's mind.


An example:

Quote by Albert Einstein: "I do not know with what weapons World War III will be fought, but World War IV will be fought with sticks and stones."

We can generate lots of different passwords using this quote. Each time it's run through the generator it will generate a new password, because the words are randomly chosen.

Here are some of the different passwords it generated: "I2nk44wW334bf3WWIw2fwsas," "1d3k4w7W334bfbWWIwb6wsas," "12nk4w7WW34bfbWWI4bfw6as," "I2n4wwwWW3wbf35WI4bfws37," "Idnkww7WW3wb7bW3I42fw63s," ...

They look a little cryptic at first sight, but if you look carefully, and read how the simple algorithm works, you can see that it is actually pretty simple, and with a little practice you'll be able to remember complex passwords.

Last edited by v0id; 06-28-2008 at 10:41 AM.
  #19 (permalink)  
Old 06-28-2008, 10:39 AM
Super Moderator
 
Join Date: Dec 2007
Location: Denmark
Posts: 273
v0id is on a distinguished road
Default

And here is the script:
Code:
#!/usr/bin/env python3
# lipg.py
#  - Lissa-Inspired Password Generator

import sys
import random

# Use the operating system's CSPRNG; the default Mersenne Twister
# generator is predictable and not meant for passwords.
rng = random.SystemRandom()

# Take the helping string from the command line, or prompt for it.
if len(sys.argv) == 2:
    helpingString = sys.argv[1].split()
else:
    helpingString = input("Enter helping string: ").split()

# Pick one third of the word positions, without repeats, to numerize.
helpingStringLength = len(helpingString)
partsToNumerize = rng.sample(range(helpingStringLength), helpingStringLength // 3)

# Numerized words contribute their length; the others their first letter.
generatedPassword = ""
for index in range(helpingStringLength):
    if index in partsToNumerize:
        generatedPassword += str(len(helpingString[index]))
    else:
        generatedPassword += helpingString[index][0]

print("Generated password:   %s" % generatedPassword)

And this is how to use it, using parameters:
Code:
$ python3 lipg.py "Your helping string"
...

And how to use it, using no parameters:
Code:
$ python3 lipg.py
Enter helping string: Your helping string
...

And if you want to get rid of the "python" in the beginning, you can chmod it:
Code:
$ chmod +x lipg.py
$ ./lipg.py "Your helping string"
...
$ ./lipg.py
Enter helping string: Your helping string
...

Last edited by v0id; 06-28-2008 at 10:51 AM.
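
EugenS's question in #15 and the two conditions v0id lists in #18 can be put into numbers. The following is an added example, not part of the thread or of v0id's script; `scheme_report` and `phrase_pool_size` are hypothetical names, and the pool size is an assumed figure for how many phrases a guesser who knows the scheme would have to try.

```python
import math

ALPHANUMERIC = 62  # a-z, A-Z, 0-9, for the random-password comparison

# The quote used as the helping string in post #18.
QUOTE = ("I do not know with what weapons World War III will be fought, "
         "but World War IV will be fought with sticks and stones.")


def scheme_report(helping_string, phrase_pool_size=1):
    """Estimate the guessing cost of a password built by the scheme.

    phrase_pool_size is an assumption supplied by the caller: how many
    candidate phrases a guesser who knows the scheme must try
    (1 means the phrase itself is already known).
    """
    if phrase_pool_size < 1:
        raise ValueError("phrase_pool_size must be at least 1")
    n = len(helping_string.split())
    k = n // 3                    # words replaced by their length
    subsets = math.comb(n, k)     # upper bound on passwords per phrase
    subset_bits = math.log2(subsets)
    return {
        "words": n,
        "numerized": k,
        "passwords_per_phrase": subsets,
        "subset_bits": subset_bits,
        "total_bits": math.log2(phrase_pool_size) + subset_bits,
        # A uniformly random alphanumeric password of n characters.
        "random_bits": n * math.log2(ALPHANUMERIC),
    }


if __name__ == "__main__":
    cases = [
        ("phrase known", QUOTE, 1),
        ("phrase one of a million (assumed)", QUOTE, 10**6),
        ("two-word phrase, known", "Hello world", 1),
    ]
    for label, phrase, pool in cases:
        r = scheme_report(phrase, pool)
        print("%-34s words=%2d outputs<=%7d scheme=%5.1f bits random=%6.1f bits"
              % (label, r["words"], r["passwords_per_phrase"],
                 r["total_bits"], r["random_bits"]))
```

With the quote known, the random choice leaves at most 735,471 candidates (about 19.5 bits), so nearly all of the protection has to come from the phrase being hard to guess. When running lipg.py, the prompt form keeps the helping string out of shell history and the process list, unlike the command-line argument form.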
  #20 (permalink)  
Old 06-30-2008, 08:21 PM
Member
 
Join Date: Jun 2008
Posts: 54
LissaValerian is on a distinguished road
Smile awesome code!

Wow! This is completely awesome! Love it! Thanks for coding this!

~LV


