GPGPU: Why Passwords Need To Be Long

[Triple Zero]

Yes. Password managers such as LastPass or KeePass are currently undoubtedly the most secure way of handling passwords. Better than the tips 'n tricks discussed for strong password generation ITT so far.

truly random 30 characters alphanumeric mixed case + symbols is about as secure as it gets.

(except for 31 characters :P )

those passwords are encrypted with a single passphrase, and depending on what your password manager supports, even two-factor authentication, often in the form of "will only work if you have this USB stick with an even bigger key on it plugged into the computar".

[LMNO]

niggerFUCKSHITDAMN_theH0L0C4USTisaLIE+irapedmybabydaughterfor$$$

Am I a bad person for giggling like a madman when I read this?  Probably.



Also, I was talking to a computer security guy over the weekend about this, and he said while the theory is sound, most of the top level hackers don't use pure brute force... they've developed something akin to a crypto AI that makes informed decisions regarding password behaviors.  Or something.  You guys may have already been talking about this; i'm having trouble following the more in-depth parts of this thread.

[Triple Zero]

Yes, that's sort of like the part where I explain how you can bruteforce, but if you choose the order in which you try all combinations such that the more likely combinations are checked for first, you're going to find the right password much sooner.

There's some really smart and creative analytic tricks to optimize the order, but they're probably a well-guarded secret, because I have only rarely heard about it.

One obvious trick of course, is to customize for your target audience. But how exactly to do that, is quite a black art