toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.

Ryan's guide to determining whether your password is secure:

1) Did you pick it yourself? If yes, it is not secure.

2) Is it unique? If no, it is not secure.

3) Is it part of a "password system"? If yes, it is not secure.

4) Is it created using a deterministic password generator? If yes, it's part of a "password system" and therefore not secure.

5) Did your password manager randomly generate it for you? If yes, it's probably fine.

6) Did you generate it with dice? If yes, it's probably fine.

7) Did you create your password in some other way? It's probably fucked.

Alexand

@ryanc

Please rate my method of creating passwords:
I have a paperback book and use the first 12 characters of the first line at the top of the page including punctuation followed by the page number. I just use the next page every time I need a new password.

@ryanc

I ran l0phtcrack against my SAM file a while back and these passwords were the last to be brute forced…nearly a string of random letters with only one or two common words embedded. Do you use a similar tool for testing?

@djg I have written password crackers and cracked this kind of password with them.

@djg @ryanc
Let's remove some extraneous details and see if we can make this a little clearer:

"I use one or two dictionary words, in the exact order they would naturally come in a sentence, followed by a two or three digit number. Sometimes there will be a comma or period after one of the words."

It's not quite the combination to President Skroob's luggage but I think that rules one, four, seven and eight all apply here.

@deeseearr @ryanc

Thanks for everyone’s comments!

Here’s an old one for reference:
“Aren’tmeand23

@djg @deeseearr @ryanc Wait, did you just give us a way to find the exact book you're using?

@tomasaschan @deeseearr @ryanc

Absolutely, the book I used to use anyway, I will have to ask Google AI to see if it can find this based on that information…

@djg I would say, not reliably secure. (And now that you've shared it, even less so)
Basically, it's a couple of random words, probably common words, plus some random letters and numbers.
That's possibly good enough for online password guessing, depending on how many random letters and numbers.
It might or might not withstand offline attack. I'd guess not. 12 characters isn't a lot these days, even if completely random, although it depends on the way passwords are being stored, and most of all, it also depends on who you are and why you are being attacked.
@ryanc
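
Added example, not part of any post in this thread: a Python sketch of rules 5 and 6 (random generation from the OS CSPRNG, and mapping dice rolls to an index in a 7776-word list), next to an entropy estimate for the book-and-page method once the method itself is known. The book count and page count are constructed figures chosen for illustration, and all function names are hypothetical.

```python
import math
import secrets
import string

ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols

def random_password(length=20):
    """Rule 5: every character drawn uniformly from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def dice_rolls_to_index(rolls):
    """Rule 6: map five d6 rolls to an index 0..7775 into a 7776-word list."""
    if len(rolls) != 5 or any(r not in (1, 2, 3, 4, 5, 6) for r in rolls):
        raise ValueError("need exactly five rolls, each 1-6")
    index = 0
    for r in rolls:
        index = index * 6 + (r - 1)  # base-6 digits, first roll most significant
    return index

def uniform_bits(choices, picks):
    """Entropy in bits of `picks` independent uniform draws from `choices` options."""
    return picks * math.log2(choices)

def book_scheme_bits(candidate_books, pages_per_book):
    """Upper bound for the book scheme once the method is known:
    the only unknowns are which book and which page."""
    return math.log2(candidate_books * pages_per_book)

if __name__ == "__main__":
    print("sample password:", random_password())
    print("word index for rolls 3-1-6-2-5:", dice_rolls_to_index([3, 1, 6, 2, 5]))
    # Constructed figures: 1,000,000 plausible books of 500 pages each.
    print(f"book scheme      <= {book_scheme_bits(10**6, 500):.1f} bits")
    print(f"12 random chars   = {uniform_bits(len(ALPHABET), 12):.1f} bits")
    print(f"6 diceware words  = {uniform_bits(6**5, 6):.1f} bits")
```

The 12 characters copied from a page add no entropy of their own, because they are fully determined by the book and the page number.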