case: (Default)
Case ([personal profile] case) wrote in [community profile] fandomsecrets2014-10-13 07:03 pm
  • Add Memory
  • Share This Entry

[ SECRET POST #2841 ]


⌈ Secret Post #2841 ⌋

Warning: Some secrets are NOT worksafe and may contain SPOILERS.

01.


__________________________________________________



02.


__________________________________________________



03.


__________________________________________________



04.


__________________________________________________



05.


__________________________________________________



06.


__________________________________________________



07.


__________________________________________________



08.


__________________________________________________



09.

















Notes:

Secrets Left to Post: 02 pages, 039 secrets from Secret Submission Post #406.
Secrets Not Posted: [ 1 - broken links ], [ 0 - not!secrets ], [ 0 - not!fandom ], [ 0 - too big ], [ 0 - repeat ].
Current Secret Submissions Post: here.
Suggestions, comments, and concerns should go here.
Flat | Top-Level Comments Only

[personal profile] cbrachyrhynchos 2014-10-14 12:24 pm (UTC)(link)
Slightly more secure. But the most memorable methods of inserting "random" characters into words are not random at all, and have already been programmed into password-cracking software. o=0 and c=( are already variants used in dictionary attacks. "Every third letter" isn't random at all. Never mind that 7-character passwords are within the brute-force realm where it's possible to try every combination of ascii characters with a current graphics card.

If you want memorable, you're better off going long with nonsense phrases that have no meaning except to yourself and have not appeared in print or on wikipedia. (The "correct horse battery staple" method.) Have your music player spit out four random song titles and pick a word from each "mothra lust mirror coffee," or scan your bookshelves and pick four words from different books "india effect stones goblin." Adding two characters gives you more bang for your buck than *randomly* (with dice) substituting one. Non-random l33t substitutions don't help much at all.

(Anonymous) 2014-10-14 04:55 pm (UTC)(link)
You really seem to know this stuff, so I'm curios what you think of my "technique". Truly random passwords/phrases are really hard for me to remember, while substitution rules are easy for me.

So I assigned certain characters substitutions, where the substitutions can be numbers, letters, special characters or any combination of the three. P, for example, could be !o?, c could be 26 and u could be y, so Pikachu would be !o?ika26hy.

The substitutions make sense for me, for one reason or another, but should appear random for people who are not me, or at least not common enough to be in the libraries of password-cracking software. Plus, even short phrases can become up to three times as long, depending on the original letters and punctuation involved. Using my actual system, Pikachu would be 13 characters long.

[personal profile] cbrachyrhynchos 2014-10-14 05:14 pm (UTC)(link)
You really seem to know this stuff, so I'm curios what you think of my "technique". Truly random passwords/phrases are really hard for me to remember, while substitution rules are easy for me.

Well, the best answer is a password safe. But if you're subbing out characters using a truely unique system that's not been documented anywhere else, it's probably good enough. (Assuming you don't reuse passwords via a very weak system.)

(Anonymous) 2014-10-14 05:48 pm (UTC)(link)
nyart wondering if you recommend any password safe in particular?

[personal profile] cbrachyrhynchos 2014-10-14 10:53 pm (UTC)(link)
I like LastPass.

(Anonymous) 2014-10-16 06:37 pm (UTC)(link)
Thank you!
Flat | Top-Level Comments Only