who uses a 50 character password?

Discussion of non-phpBB related topics with other phpBB.com users.
Forum rules
General Discussion is a bonus forum for discussion of non-phpBB related topics with other phpBB.com users. All site rules apply.
Kim_Possible
Registered User
Posts: 1343
Joined: Sun Sep 21, 2008 3:57 pm

Re: who uses a 50 character password?

Post by Kim_Possible »

Unknown Bliss wrote:Its talking about an encryption key for a hard drive partition.
I've never heard of an encryption key length being described as "50 characters." If he is using any of the publicly available encryption tools, then he is probably using AES which (IIRC) typically generates either a 192 or 256 bit key. The program probably accepts pass phrases up to 50 characters (most accept pass phrases of 64 characters).

It is also possible that the person writing the story didn't know what he was talking about. :)
Daniel Exe
Registered User
Posts: 573
Joined: Wed Sep 14, 2005 7:59 pm
Location: Canada
Contact:

Re: who uses a 50 character password?

Post by Daniel Exe »

Kim_Possible wrote:I don't think the standard user account protection offered by operating systems would prove to be that difficult to bypass. My assumption is that the owner has used some sort of robust method of encryption to protect his data . . . or access to his entire operating system.
Rainbow tables. Windows wouldn't put up much of a fight.

TrueCrypt on the other hand, as you mentioned... well, good luck to that team lol
User avatar
nuckfan15
Registered User
Posts: 1849
Joined: Fri Jul 09, 2004 4:46 am
Location: Vancouver, BC
Name: Travis

Re: who uses a 50 character password?

Post by nuckfan15 »

Kim_Possible wrote:I'm guessing that he is using something like TrueCrypt to encrypt the entire disk/partition. If so, there is no easy "work around" for not having the pass phrase. I've had two laptops stolen in my life, both of which had fairly sensitive work-related data on them. I use TrueCrypt religiously (also, my pass phrase is 39 characters long ;) ).
I don't really understand why anybody would want to remember a 39 character password, nevermind type it every time.
Travis aka Nuckfan15 - No Private Support
Make use of the Support Request Template when seeking support.
Daniel Exe
Registered User
Posts: 573
Joined: Wed Sep 14, 2005 7:59 pm
Location: Canada
Contact:

Re: who uses a 50 character password?

Post by Daniel Exe »

To remember a 39 character string, it would have to be something..well..rememberable. Like a particular order or sequence of numbers, or perhaps even a sentence. So it's probably not even that strong of a password..but rather just long. Heck, I would guess it's a basic sequence/pattern of keys, like the row of numbers over and over again.
User avatar
AdamR
Former Team Member
Posts: 9731
Joined: Tue Mar 02, 2004 5:40 pm
Location: Tampa, Florida
Name: Adam Reyher
Contact:

Re: who uses a 50 character password?

Post by AdamR »

Daniel Exe wrote:To remember a 39 character string, it would have to be something..well..rememberable. Like a particular order or sequence of numbers, or perhaps even a sentence. So it's probably not even that strong of a password..but rather just long. Heck, I would guess it's a basic sequence/pattern of keys, like the row of numbers over and over again.
Not necessarily. For example, my password here on phpBB.com is >30 random ASCII characters and I've memorized it. Granted, its the only one of my uber long passwords that I have memorized, but it can be done. :D

- Adam
phpBB Support: Welcome | Userguide | Knowledge Base | Search
Honored supporter of the phpBB Group!
"If I have seen a little further it is by standing on the shoulders of Giants." - Isaac Newton
Daniel Exe
Registered User
Posts: 573
Joined: Wed Sep 14, 2005 7:59 pm
Location: Canada
Contact:

Re: who uses a 50 character password?

Post by Daniel Exe »

30+? lol If I didn't know better, I'd suspect you were paranoid of salted MD5 passwords
User avatar
Superwaffle
Registered User
Posts: 68
Joined: Sun Aug 29, 2010 1:54 am

Re: who uses a 50 character password?

Post by Superwaffle »

Daniel Exe wrote:To remember a 39 character string, it would have to be something..well..rememberable. Like a particular order or sequence of numbers, or perhaps even a sentence. So it's probably not even that strong of a password..but rather just long. Heck, I would guess it's a basic sequence/pattern of keys, like the row of numbers over and over again.
All of my passwords are alphanumeric; it's not hard to write a long password made up of digits that seem random to anyone but yourself. For example: B1o2R3a4T5r1O2c3K4s5. A 20 character password that would be nearly impossible to just guess, yet pretty easy to remember. All it's composed of are the words "Borat rocks" alternating capital letters, with the numbers 1, 2, 3, 4, and 5 in between each letter, then restarting for the next word. Just because it's easy to remember doesn't necessarily mean it's a weak password.

Also, what's the difference between an encrypted password and just a normal password?
Daniel Exe
Registered User
Posts: 573
Joined: Wed Sep 14, 2005 7:59 pm
Location: Canada
Contact:

Re: who uses a 50 character password?

Post by Daniel Exe »

Just because it's easy to remember doesn't necessarily mean it's a weak password.
I never said the length made it weak. I meant that there had to be some sort of significance for it to be remembered. Length is definitely a huge factor in password strength, although not nearly as big of a contributor as using a combination of special characters. Ie: 7 chars alphanumeric is in not a strong password, and if it's not being hashed and stored with a salt, I'd be worried.

As for password and encryption, those are two different things altogether. Encryption is transforming data, using an algorithm, so that it cannot be read. A password (or in this case, key) can be used as credentials to decrypt that data though. I'm thinking maybe you're getting confused with hashing?
User avatar
tbackoff
Former Team Member
Posts: 7064
Joined: Thu Jun 04, 2009 1:41 am
Location: cheerleading practice
Name: Tabitha Backoff

Re: who uses a 50 character password?

Post by tbackoff »

Daniel Exe wrote:I meant that there had to be some sort of significance for it to be remembered.
Yes, but that doesn't make it weak. For example, my password here is something I can easily remember, but even if you've known me my whole life, you would never guess it. Just because it's easy-to-remember does not always mean it's weak.
Flying is the second best thrill to cheerleaders; being caught is the first.
Daniel Exe
Registered User
Posts: 573
Joined: Wed Sep 14, 2005 7:59 pm
Location: Canada
Contact:

Re: who uses a 50 character password?

Post by Daniel Exe »

At a length of 50 characters though, I wouldn't exactly associate a string made of random chars as being easy to remember. Going back to my original point - I had wondered if it were perhaps something rather trivial such as a specific sequence or order of the keyboard. Having to type this in on boot would become a bit of a hassle otherwise. AdamR being an exception :P

In no way am I trying to argue that any password you can remember must be weak - which is perhaps the impression I've given you. Although for the average user, the fact that rememberable is associated with a dictionary word is rather unfortunate, but understandable.
User avatar
nuckfan15
Registered User
Posts: 1849
Joined: Fri Jul 09, 2004 4:46 am
Location: Vancouver, BC
Name: Travis

Re: who uses a 50 character password?

Post by nuckfan15 »

Daniel Exe wrote:At a length of 50 characters though, I wouldn't exactly associate a string made of random chars as being easy to remember. Going back to my original point - I had wondered if it were perhaps something rather trivial such as a specific sequence or order of the keyboard. Having to type this in on boot would become a bit of a hassle otherwise. AdamR being an exception :P

In no way am I trying to argue that any password you can remember must be weak - which is perhaps the impression I've given you. Although for the average user, the fact that rememberable is associated with a dictionary word is rather unfortunate, but understandable.
This topic kind of motivated me to go ahead and change alot of my passwords. I realised using one password for everything isn't too smart, especially doing online banking. Given it is pretty random ( ex sis9wwiw98 ), but still dangerous.

They are all a minimum of 11 characters now and all different.
Travis aka Nuckfan15 - No Private Support
Make use of the Support Request Template when seeking support.
Kim_Possible
Registered User
Posts: 1343
Joined: Sun Sep 21, 2008 3:57 pm

Re: who uses a 50 character password?

Post by Kim_Possible »

I have one really long password that I have memorized. It is ~40 characters long, and that is the password that was used to generate the 256 bit encryption key that was used to encrypt my entire hard drive (using AES). That password gets me into my hard drive and also loads my password manager (KeypassX). All of my other passwords for websites, programs, router, etc. are there. Each site/device/program gets its own password that is is (pseudo)randomly generated and as long and as "broad" as allowed.
Daniel Exe
Registered User
Posts: 573
Joined: Wed Sep 14, 2005 7:59 pm
Location: Canada
Contact:

Re: who uses a 50 character password?

Post by Daniel Exe »

Kim_Possible: Best practise, by far. What password manager do you use, if I may ask?
User avatar
MichaelC
Consultant
Consultant
Posts: 3642
Joined: Mon Dec 21, 2009 3:36 pm
Location: Surrey, UK
Name: Michael Cullum
Contact:

Re: who uses a 50 character password?

Post by MichaelC »

Daniel Exe wrote:Kim_Possible: Best practise, by far. What password manager do you use, if I may ask?
Kim_Possible wrote: my password manager (KeypassX)
KeypassX
Daniel Exe
Registered User
Posts: 573
Joined: Wed Sep 14, 2005 7:59 pm
Location: Canada
Contact:

Re: who uses a 50 character password?

Post by Daniel Exe »

Missed that. :oops:

And I wonder if KeyPassX has any relation with KeePass.
Post Reply

Return to “General Discussion”