Quote:
Originally Posted by Kushan
Even a cluster that size will struggle to brute for a decent long passphrase. 15 characters? Sure, probably in hours, but when you get to the likes of 30+ characters then it becomes an issue even at that scale.
That's only really achievable with a passphrase. To be clear, the most secure password is completely random string of characters, with symbols, letters, numbers (and ideally even unprintable characters :P) however I would argue that this is not the best password. You have to be able to remember a password, or you'll end up writing it down*. That's what I mean when I say "Best" - something that is the correct trade-off between "memorable" and "secure". A pass-phrase with some substitutions is by far the best compromise there.
* Please note that I strongly advocate the use of a password manager for your day-to-day passwords.
|
That's the thing, you understand that but when people say a passphrase is the best it actually isn't
unless you actually use substitutions. Without the subs it just becomes a simple dictionary attack and that will be quicker than brute forcing a random string even if your phrase uses the maximum amount of characters.
You also have to be careful what subs you use. e.g. subbing a 4 for the letter A etc is useless the mask and rule set used in the attack will soon find that. Symbols (AKA special characters) and the odd number thrown in is the way to go as far as a passphrase is concerned.
---------- Post added at 12:43 ---------- Previous post was at 12:39 ----------
Quote:
Originally Posted by tidder23
they could do a man in the middle attack which means they can funnel all your traffic through them
one thing they could do redirecting online banking sites to trick you to give up your information
years ago I used to take over my brother's Facebook account and write stupid messages on his wall
and if you are thinking there is no master hacker living near you
the hacking tools i used was basically a numbered list (press 1 to hack and press 2 to evil laugh)
only thing stopping them is your Wi-Fi password
|
I don't think you realise what a "Man in the middle" actually is. It is a means to get your wifi password as well as getting everything passing through their connection which will record everything.
Man in the middle is a way of fooling you into thinking you are connecting to your network when you are in fact connecrting to another one entirely. If done correctly you wouldn't even know.