How to make a good password

Along with birthdays, names of pets and ascending number sequences, add one more thing to the list of password no-nos: good grammar.

An algorithm developed by Ashwini Rao and colleagues at Carnegie Mellon University in Pittsburgh, Pennsylvania, makes light work of cracking long passwords which make grammatical sense as a whole phrase, even if they are interspersed with numbers and symbols. Rao’s algorithm makes guesses by combining words and phrases from password-cracking databases into grammatically correct phrases. While other cracking programs make multiple guesses based on each word in a database, putting in “catscats” and “catsstac” as well as just the word “cats”, none of the programs make the jump to combine multiple words or phrases in a way that makes grammatical sense, like “Ihave3cats”, for instance.

Ten per cent of the long passwords that Rao and her team tested were cracked exclusively using their grammar-sensitive methods, unyielding in the face of other well-known cracking algorithms such as John the Ripper and Hashcat.

As processing power continues to fall in price, choosing passwords that are easily memorised but secure is getting harder and harder. A $3000 computer running appropriate algorithms can make 33 billion password guesses every second.
In a paper due to be presented at the Conference on Data and Application Security and Privacy in San Antonio, Texas, next month, the researchers suggest that other types of familiar structures like postal addresses, email addresses and URLs may also make for less secure passwords, even if they are long.


Blowfish12@2012 blowfish12.tk Author: Sudharsun. P. R.

Advertisements

2 thoughts on “How to make a good password

  1. I’m impressed, I have to admit. Rarely do I encounter a blog that’s
    both educative and engaging, and let me tell you, you have hit the nail on the head.
    The issue is something which too few men and women are speaking intelligently about.

    Now i’m very happy I found this during my hunt for something concerning this.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s