How the fuck is

How the fuck is
horse battery dildo stallman smartphone jazz basedbean
a more secure password than
Q2O?`0|;az69A8BgNzdKg@exCu@

How does Jow Forums come up with their passwords?

Do the maths

>tampermonkey
>pocket still enabled

>Click pocket
>It asks me to log in
Dumb anime poster

Adding more total degrees of entropy (making the password longer) is usually better than making each degree larger (adding more symbols)

I'll be nice and explain why you're retarded.
Change extensions.pocket.enabled to false in your about:config. Then it will actually be disabled.

More characters = more entropy = harder to brute force.

HOWEVER, combining only a couple common words is susceptible to similar attacks, using dictionaries. Realistically, the strongest, yet still memorable passwords combine passphrases with some symbol replacement somewhere.

password manager
30+ char random string
plenty strong
lowe.github.io/tryzxcvbn/
if you're trying to remember a password
you're doing it wrong

i dont like this thread either

aqua best girl

It is "enabled" but isn't "active" as there isn't any account linked to it. But thanks for the suggestion dumb paranoid anime poster.

is it possible to hire niggers to dance at your funeral?

2+2=4-1=3

why are all those people carrying coffins of passwords i don't even get it

My passwords are fucking lazy. I'll make a 6 or 8 digit random number / letter password, then double it up by typing it again, but while holding the shift button.
12 or 16 digits of uppercase, lowercase, numbers, and symbols. Fuck it, good enough....

>implying it matters if you're signed in or not
It's closed source. You shouldn't be running it at all regardless of whether or not you are signed in.

I don't really like how Aqua is drawn in the show, since her tits are too saggy. She's much better in the manga, but megumin is just IMAGINE tier so it's hard to beat her. The only girl I like more is Yunyun.

But it isn't running because it isn't active, dumb non-anime poster.

>2+2=4-1=3
Did you just say that 2+2=3?

whoa fucking racist much?

>It's closed source
No it isn't

Set all your passwords to "Password123", they won't expect that, amirite?

It's really respectable. When people die, they are celebrated rather than mourned.

Sorry...
2+2=4
4-1=3
Just some quick maths.

Maths are powerful things, user, you have to make sure not to make any mistakes, lest you make a mistake like that again.

> flip to a random page in a textbook
> find a weird word
> add some numbers and special characters
> stuff like =+WignerCrystals834
That's what I do if I actually have to remember a password. I usually use LastPass though.

Top password:
lowercase characters - 26 options
spaces - 1 option
total options - 27
Length - 54
27 possible character options for each of the 54 positions in the password - 27 ^ 54 total possibilities to check

Bottom password:
lowercase letters - 26 options
uppercase letters - 26 options
numbers - 10 options
special characters - 33 options
total options - 95
Length - 30
95 possible character options for each of the 30 positions in the password - 95 ^ 30 total possibilities to check

If you were just going to randomly check each possibility using only the possible character options, the top password would take several times longer to crack. However, if you were going to combine 7 english words together to get a password, then the calculation is
English words in dictionary - 171476 options
length - 7
171476 possible words for each of the 7 positions - 171476 ^ 7 total possibilities to check

Which is magnitudes less than the original

>How does Jow Forums come up with their passwords?
Randomly generated alphanumeric strings, as long as possible, stored in a password manager

What fucking luggage has a five-digit combination?

what happens if your computer crashes, or you're on another machine? how do you access those?

inb4
>da cloud

Dropbox. The password database is encrypted with a strong password, the long weird phrase type with some numbers and symbols sprinkled in it for good measure. I'm not worried about my passwords getting cracked, I'm more worried about reusing passwords.

His apparently.

Nope. Dictionary attacks are only relevant when your password is a single word or just a few really common words. A password generated randomly using an entire dictionary (sans words less than four characters) will quickly add entropy.

fH6d#x9Hl*Ps
has roughly 58 bits of entropy.
disregard lost gate what
has roughly 90 bits of naive entropy and is way easier to remember.

>But dictionary lookups!
If the latter password was randomly chosen from a dictionary with 50,000 words (and the attacker knew which words were in the pool!) then the best attack would be against an entropy of 50,000^4 or 2^62. Adding one more word makes it 2^78.
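
The counts argued over in the posts above (27^54, 95^30, 171476^7, 50,000^4), as an added Python example that is not part of any post in this thread: it converts each count to bits and takes the cheaper of the per-character and word-list models, which is what an attacker who knows the scheme faces. The function names, the 8-word demo list and the 7776-word list size are assumptions made for the example.

```python
import math
import secrets
import string

def bits(choices: int, positions: int) -> float:
    """log2(choices ** positions): entropy if every position is a uniform random pick."""
    return positions * math.log2(choices) if positions else 0.0

def alphabet_size(password: str) -> int:
    """Size of the smallest standard character pool covering the password (max 95)."""
    pools = (string.ascii_lowercase, string.ascii_uppercase,
             string.digits, string.punctuation, " ")
    return sum(len(p) for p in pools if any(c in p for c in password))

def effective_bits(password: str, wordlist: set) -> float:
    """Bits under the cheapest model open to an attacker who knows the scheme.

    Character model: brute force over the covering alphabet.
    Word model: only applies when every space-separated token is in the list.
    """
    char_model = bits(alphabet_size(password), len(password))
    tokens = password.split(" ")
    if all(t in wordlist for t in tokens):
        return min(char_model, bits(len(wordlist), len(tokens)))
    return char_model

def words_needed(target_bits: float, list_size: int) -> int:
    """Smallest count of random words that reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))

def generate_passphrase(wordlist: list, n_words: int) -> str:
    """Pick words with a CSPRNG; the bit counts only hold for random selection."""
    return " ".join(secrets.choice(wordlist) for _ in range(n_words))

# Constructed 8-word list for the demo only. Real lists are far larger,
# e.g. 7776 (6**5) words when each word is picked with five dice rolls.
DEMO_WORDS = ["horse", "battery", "jazz", "tractor", "field", "farmer", "stable", "cake"]

if __name__ == "__main__":
    # Counts quoted in the thread, expressed in bits.
    for label, c, n in [("27^54", 27, 54), ("95^30", 95, 30),
                        ("171476^7", 171476, 7), ("50000^4", 50000, 4)]:
        print(f"{label:>9}: {bits(c, n):6.1f} bits")
    # Words required to match 12 random characters drawn from all 95 printable ASCII.
    print("words from a 7776-word list:", words_needed(bits(95, 12), 7776))
    print("sample:", generate_passphrase(DEMO_WORDS, 5))
    print("known-list bits:", effective_bits("horse battery jazz", set(DEMO_WORDS)))
```
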

Is it more secure to use uncommon yet cromulent words like embiggen?

This assumes that the attack has more information about your password than they realistically would.

The attacker knowing that your password is exactly 7 english words separated by spaces is about as likely as the attacker knowing half your alphanumeric password.

Are simple phrases of 5 words secure?

I mean, random words are secure. But are they also secure if the words are a common phrase (but not in a known password database).

>How does Jow Forums come up with their passwords?
Ez
dragon dildo ass shovel

Of course, which is why the top password would be considered secure although when you look at it, it seems like it shouldn't be.

It wouldn't be secure if the attacker knew more information about how your password is formatted, but they don't know this info--that's why it's secure!

In Africa my dude

>read about how people pick passwords
>try it on my brother's phone
>he's always somewhat paranoid about security and says he has a difficult swipe pattern
>swipe the first letter of his name
>im in first try

I use the first names of minor characters in fantasy books, usually 3 names with a number between the 3rd and 4th letter of each name. Is that secure?

lets say you cant write 40 letters / numbers / symbols, for simplicity sake
40 ^ 12 = 1.6777216E+19 different passwords
50000 ^ 4 = 6.25E+18 different passwords
so, in your example, the first example is more complex than the second, making a bruteforce attack

>30+ char random string
if you're using unintelligible passwords you're doing it wrong
1st, online password don't need to be super secure
2, not repeating passwords is king
3, no chosen passw related with anything, must be random
4, there's no reason it cant be words instead of @*!@¨#!@*#¨!@*#¨

diceware always, less than a handful of words for online shit, you end up memorizing a few of them, bonus

what are you even using as a master password? did you memorize a 30 special chars sequence? 9 words or less with you're bilingual would have sufficed

:)

yeah no, that user was wrong by parameters but not in strategy
lets say you can use 80 symbols
80^12 = 10^22

he also considered too many words, even you did 50k
14k more or less "uncommon but not alien to most grad schoolers" english words
five words = 10^22

whats easier to use, type, remember? ofc as a master pass you would use a 10-word

My question is why would anyone care about dictionary attacks when most websites lock you out after 5 attempts anyway

>80^12 = 10^22
80^12 = 6.87*10^22
>14k more or less "uncommon but not alien to most grad schoolers" english words five words = 10^22
14000^5=5.37*10^20
come on man, do your math.

Dictionary attacks happen after the password hashes are stolen. Nobody tries to literally log in as you a million times.

That makes so much more sense, thanks user

In terms of workload, i would say the most important thing is to have a different password per website or at very least not use your email password on anything else, because companies are retarded and one WILL leak your password in plain text, and the first thing the hackers will do is try it on your email.

Q U I C K
U
I
C
K

Only 10 seconds for Ryzen 7. Try harder. :^)

Not anymore

I just use a password manager cause I don't want to memorize 50 fucking passwords. If I need to actually be able to remember it like for logging in my computer I just do the dice shit and memorize it.

I just use something like oniichangentoonigger. No way you can dictionary attack that.

technically speaking, everything is attackable.
Mixing languages is a nice idea used in the real world, because the complexity for a dictionary attack grows so much that SOMETIMES it is more viable to do a brute force attack instead of a double dictionary attack, that is making 1 big dictionary from joining other 2.
but try to use not so frequent words from the 2 languages

>le fuck

>if you're trying to remember a password
>you're doing it wrong

So how do you access the password manager?

It isn't. It's just easier to remember for non-aspies.

More characters = more entropy = harder to brute force.

1 word = 1 Dictionary Character = less characters = less entropy

>How does Jow Forums come up with their passwords?
I use `pass` for Linux and Android.
I only need to remember 1 password and have access to my PGP Key.
Database (folder with text files) is synced through gitlab.

fucking spam filter

hahaha, me too! It works well and prevents bruteforcing just by length and how uncommon such a rule would be in a password cracker.

I also append a short suffix and a substitution like: abacu5ABACU%_phoenix

which I think is generally strong enough to be considered highly secure

I use 123qwe for everything, never been compromised.

all my passwords are my little pony references

I used to use 13245768 which is a quick and ez dance on the keyboard. Haven't seen it in any password lists yet, feel free to add it bois

biosecurity

i have a USB3.0 cum analyzer

I had 12345678 for my hotmail account for about 10 years and had no trouble. But I came to my senses and changed it about 8 or 9 years ago.

Personally I have unique passwords for my email accounts, and then about two or three "stock" passwords I use everywhere else. Those are changed up from time to time, usually when a major breach has happened at places like twitter, linkedin etc.

It's not more secure, but a LOT fucking more secure than "1password", and easier to remember.
but doing something like
horse battery 8 d1ldo stallman smartphone jazz basedbean
Is still easy to remember "urh, how many dildos can I fit in my boypusi? Oh yeah! 8!", but makes it incredibly more secure.

my friend had password which was

traktor ore pole za domom suka farmar v stodole

which literally means "tractor is plowing field and behind house is farmer fucking in stable"

fuck your generated passwords

It's easier to remember and will take more time to crack assuming the person attacking the password doesn't know the dictionary you used to make your password and that it is a combination of space separated words.

diceware security already assumes the person knows you used diceware.

That just means it'll take even longer to crack my passwords.

>"urh, how many dildos can I fit in my boypusi? Oh yeah! 8!"

exactly that as a password would be even better, larger character set, and a longer password. plus it is more memorable

Why do you people always magically assume that they'll know whether or not you used all lowercase or not?

Do you think they use an all-lowercase brute force attempt on every password before breaking out the big guns that uses the full character set?

Realistically, an all-lowercase password is going to get checked against a full character set, not only lowercase letters.

it's not random

Use different language, so that dictionary attack is useless

Not him but I carry the database in an old 8MB USB that I use for nothing else

You should see my server logs.
I autoban when someone enters the wrong username. And only 5 password attempts per 30 minutes are allowed, or you get banned for 12 hours.

And yet my logs are still filled with brute force attempts (and matching bans).

I hand out thousands of ip bans to bots per month. Especially admin and root are popular usernames to get banned for.

Different diceware passwords for computer login (personal and work), keepass database, random 16-digit number for phone PIN (I would use 20 but 16 seems to be the limit), 20+ random characters for everything else (numbers, uppercase, lowercase, punctuation), and I change all passwords every 3 months.

Numbers, symbols, and some nonsense words randomly jumbled together. Don't see why it wouldn't work.

>online passwords don't need to be super secure
That's where you're fucking wrong, kiddo.

Unless you enforce a get leaked=tell users ASAP rule, your password might be getting cracked.

I agree with the master password, that needs to be secure. Mine is a childhood character with l33tspeek and two dictionary words. The name is fucking golden tho, breddy obsgure.

I don't even know which of these two is bigger.

my master pw is 60 chars, it's easy when you've only gotta remember one

Obligatory xkcd comic inbound
xkcd.com/936/

Oh and my password is cakeSarEtoOsweeT!!1991hotmail
or
cakeSarEtoOsweeT!!1991gmail
and so on and so forth

Obligatory fallacious comic posted.

You can't seriously think a dictionary attack would pick up "stallman" or "basedbean"

Can you guys define the word entropy for me in this context?

Have fun spending millennia making a dictionary of the hundreds of thousands of names and then bruteforcing it for nonillion years.

First a description:
Entropy in information theory measures the amount of information that is contained within a message. The higher the entropy, the less predictable are a message's contents. So if my message is just a single numeric digit, you have a 10% chance of guessing my message correctly. If my message is 1024 characters long, it's significantly harder to predict. Similarly, if my alphabet contains more characters (adding alphanumeric characters, special symbols etc), predicting a specific character within that message gets harder. However, if the characters aren't equally distributed -- e.g. in regular text --, entropy is lower. The chance that a given character is a space character is significantly higher if I'm transmitting a letter, compared to a sequence of random characters of the same length.
I forgot the formal definition; it's somewhere in one of my uni binders. Look it up on Wikipedia, maybe.

innovative

So how is this definition of entropy different from the definition that exists in regards to thermodynamics where energy and matter cohesion is broken down over time?

How can the same word mean two things?
Ie: password length and breakdown of matter and energy
What's the common denominator here?

Why not use 漢字 passwords?

Your password can be fucking qwer1234, nobody will ever randomly guess it in your lifetime anyway

Either a server gets hacked or you leak it yourself. At which point it doesn't matter if it's @fA45Rc#H or iori_sucks

>>I autoban when someone enters the wrong username.
Fuck you

t. person who can't spell his name

I have no time to spellcheck my name, that's what error messages are for

>horse battery dildo stallman smartphone jazz basedbean

yep, this one's going into my bruteforce dictionary

go ask in Jow Forums

>Either a server gets hacked or you leak it yourself.

that's why you should never repeat passwords