"Really need to implement more secure password options to stop accounts being brute forced. Allow special characters at the very least!"
You can protect yourself from being brute forced by just having a longer password. Choosing "p&ssw0rd" isn't actually much stronger than "password". |
Reply privately, Reply in forum +quote
or View forums list | |
A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys. It is a simple yet reliable tactic for gaining unauthorized access to individual accounts and organizations’ systems and networks. The hacker tries multiple usernames and passwords, often using a computer to test a wide range of combinations, until they find the correct login information.
The name "brute force" comes from attackers using excessively forceful attempts to gain access to user accounts. Despite being an old cyberattack method, brute force attacks are tried and tested and remain a popular tactic with hackers. |
Reply privately, Reply in forum +quote
or View forums list | |
"A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys. It is a simple yet reliable tactic for gaining unauthorized access to individual accounts and organizations’ systems and networks. The hacker tries multiple usernames and passwords, often using a computer to test a wide range of combinations, until they find the correct login information.
The name "brute force" comes from attackers using excessively forceful attempts to gain access to user accounts. Despite being an old cyberattack method, brute force attacks are tried and tested and remain a popular tactic with hackers."
How much is this an active problem in Fab? I assume it's more of an issue where the hackers can gain financially from it, right? |
Reply privately, Reply in forum +quote
or View forums list | |
"Really need to implement more secure password options to stop accounts being brute forced. Allow special characters at the very least!
You can protect yourself from being brute forced by just having a longer password. Choosing "p&ssw0rd" isn't actually much stronger than "password"."
dependnig on the method used to brute forcr it adding a single special character can make it significantly harder. |
Reply privately, Reply in forum +quote
or View forums list | |
 |
By *x SmithMan 33 weeks ago
East Lancs area |
I wonder, can we just forget special characters? Can we lose the UPPERCASE. Are numbers' number up? They do nothing for your security. They make it worse. And never force users to change their password every 90days. These outdated pieces of advice encourage sloppy passwords. This is now the advice of the highest tech authority in The West* that password length, over types of characters chosen, is best protection, and introduce randomness. The worst passwords are the ones that you choose with the name of your relative, spouse, pet, best friend, an old reg plate, ANYTHING that you've chosen 'coz it's "special" for you.
* US NATIONAL INSTITUTE OF STANDARDS IN TECHNOLOGY (NIST)
useapassphrase[dot]com explains it all.
Examples of real passwords I've used in the past:
raven.fancy.pedicure emboss.dodgy.duckling
I will never forget them as I they were used daily, even though the accounts associated are now closed.
Won't beat around the bush, as an IT admin I fight stoopid password usage daily and bad password advice about characters does my nut in, especially when the NIST has vocally discouraged it for almost a year (search NIST password advice 2024) and YET STILL, APPLE OF ALL PEOPLE still insist on being regressive heeeejits about it.
And yes, multi-factor authentication and anything else you can do to secure any account is fookin important, but sites that enforce "minimum 8 characters, mixed characters" get a pissed off email from me that their security is fookin lax. Minimum 12 characters of any type should be the advice. 20 characters encouraged.
Rant over |
Reply privately, Reply in forum +quote
or View forums list | |
» Add a new message to this topic
