Account Password Security

The most common passwords are as follows 123456. guilty ):

"

Duby wrote:

The most common passwords are as follows 123456. guilty ):

I only use that on fake emails and accounts lol.

One major factor I didn't see discussed here is why someone would be trying to get into your account. In the case of the early Diablo 3 account hackings, it was very common that people were compromised via passwords they used in other places.

It doesn't matter how elaborate your password is if it has simply been stolen from a very poorly-secured database somewhere else.

It wouldn't make sense for someone to try to brute force random Diablo 3 accounts, but if they have a few lists of address and password pairs that were stolen months back from other websites, the hacker can have a very high success rate by trying them on D3.

So, you know, make sure your important passwords are unique. Without uniqueness, they might as well be "password123"

"

nablas wrote:

One major factor I didn't see discussed here is why someone would be trying to get into your account.

Quite simply because it's there. Same principle as the web defacers that were heavily active in the 90s, bragging rights count for a significant amount in some communities.

Much better suggestion would be to change all passwords every now and then, not only having a strong password but also not sticking to it for too long, no matter if it is safe enough actually.

But as said from nablas, you can be careful and smart but when those sites, that stores your data are dumb enough, you can be cheated anyway by the stupidity of others.

"

Just make a 12 digit or more password and it will be encrypted then salted...your passwords here are pritty safe from the sounds of it.

Hi, sorry to disagree. If the worst happened and someone got hold of the password file, rainbow tables currently go up to 14 characters, so I always make my passwords 15+. There has been a lot of research on passwords and how easy they would be to crack, and apparently it is easier to crack an 11 character complex password, than a 12 character non dictionary passphrase. (Due to the processing power needed to run the cracks against them)

So, make up a phrase that means something to you and make it long. Remember guys, size matters ;)

"

Malenka wrote:

"

Just make a 12 digit or more password and it will be encrypted then salted...your passwords here are pritty safe from the sounds of it.

Hi, sorry to disagree. If the worst happened and someone got hold of the password file, rainbow tables currently go up to 14 characters, so I always make my passwords 15+. There has been a lot of research on passwords and how easy they would be to crack, and apparently it is easier to crack an 11 character complex password, than a 12 character non dictionary passphrase. (Due to the processing power needed to run the cracks against them)

So, make up a phrase that means something to you and make it long. Remember guys, size matters ;)

The 14 character long rainbow table was generated against only the LM hash of XP... which is a very weak cipher.

Nobody with any shred of encryption understanding would use that encryption method to secure user's passwords.

Alphanumeric passwords of length >10 are currently quite secure, although 12 has substantial future security, particularly if you upgrade to mixed-special-alphanumeric.

I still dont see the point of worrying more than 12+ alphanumeric characters especialy when theyre salted....

wew i got my passwords on the list >.<

use a password that only u know. write it down if u don't remember the password :)