Maybe My Password Isn’t As Strong As I Thought It Was

For years, we in the computer industry, have been telling people to create cryptic passwords that include upper and lowercase letters, numbers, and special characters. We’ve been saying that if you replace certain characters with others, such as @ instead of “a”, or 3 instead of “E”, or ! instead of l, that chances of getting your password stolen are remote. Well, it would be remote, but with today’s technology, someone trying to break that password would have it figured out in 3 days with 1000 guesses/second, which is probably faster than you trying to remember what the password actually is.

A far better and safer way to create passwords is to string words together. Four random words, such as dogsbakewoodseat, would take 550 years with 1000 guesses/second to break, and would be much easier to remember if you use words that have meaning to you. The reason isn’t so much in the letters you use but is a combination of length as well as content. Most cryptic passwords are shorter than 8 characters because they’re hard enough to remember as is without them being longer. By using the word combination, you can make your passwords long and still be easy to remember.

I still recommend you using a different password for every site so with all of those passwords to try to remember you may want to use a password manager. I recommend RoboForm which allows you to save your passwords to your computer, or to the internet where they’re available just by clicking, when you need to log-in to a site.

If you want to see how safe some of your passwords are, or passwords similar to what you use, try them here, and see how long it would take someone to hack your password.

Fake Antivirus Industry Down, But Not Out — Krebs on Security

Fake Antivirus Industry Down, But Not Out — Krebs on Security.

Many fake antivirus businesses that paid hackers to foist junk security software on PC users have closed up shop in recent weeks. The wave of closures comes amid heightened scrutiny by the industry from security experts and a host of international law enforcement officials. But it’s probably too soon to break out the bubbly: The inordinate profits that drive fake AV peddlers guarantee the market will soon rebound.

During the past few weeks, some top fake AV promotion programs either disappeared or complained of difficulty in processing credit card transactions for would-be scareware victims: Fake AV brands either ceased operating or alerted affiliates that they may not be paid for current and future installations.

On July 2, BestAV, one of the larger fake AV distribution networks, told affiliates that unforeseen circumstances had conspired to ruin the moneymaking program for everyone.

Follow

Get every new post delivered to your Inbox.

Join 217 other followers