Comments on: Weak Passwords http://www.ghacks.net/2007/03/27/weak-passwords/ A technology blog covering software, mobile phones, gadgets, security, the Internet and other relevant areas. Mon, 09 Nov 2009 23:09:54 -0600 http://wordpress.org/?v=2.8.5 hourly 1 By: galerion http://www.ghacks.net/2007/03/27/weak-passwords/#comment-530618 galerion Thu, 06 Nov 2008 04:40:32 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-530618 Quote: If you do not know the username you have to try username and password combinations and there is no guarantee that you will discover the combination for the user that you want to hack. In travian you can see everyones usernames so its just the password you would need to get into there account. Quote: If you do not know the username you have to try username and password combinations and there is no guarantee that you will discover the combination for the user that you want to hack.

In travian you can see everyones usernames so its just the password you would need to get into there account.

]]> By: Matthew Jacoby http://www.ghacks.net/2007/03/27/weak-passwords/#comment-383481 Matthew Jacoby Wed, 25 Jun 2008 17:35:27 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-383481 Weak passwords are a HUGE issue that, for some odd reason, hasn't hit the IT Admin mainstream yet. I guess they don't realize that those sophisticated (and EXPENSIVE) firewalls and intrusion detection systems are rendered practically useless if there is a single weak password on their networks. The problem now is that companies are coming up with "Password Recommendations", or policies they have no way to enforce. Instead of making "recommendations", I don't understand why companies don't REQUIRE a strong password. There is a software solutions out there called nFront Password Filter that does just that...it REQUIRES strong passwords on Windows domains. With the option to have multiple policies, different users can be assigned different requirements. Along with its built in dictionary scan and ease of installation, IT Admins can have their networks more secure than ever in a matter of minutes. Now there's no more excuses. nFront Password Filter takes care of all the hard work required to secure your networks. Weak passwords are a HUGE issue that, for some odd reason, hasn’t hit the IT Admin mainstream yet. I guess they don’t realize that those sophisticated (and EXPENSIVE) firewalls and intrusion detection systems are rendered practically useless if there is a single weak password on their networks.

The problem now is that companies are coming up with “Password Recommendations”, or policies they have no way to enforce. Instead of making “recommendations”, I don’t understand why companies don’t REQUIRE a strong password.

There is a software solutions out there called nFront Password Filter that does just that…it REQUIRES strong passwords on Windows domains. With the option to have multiple policies, different users can be assigned different requirements. Along with its built in dictionary scan and ease of installation, IT Admins can have their networks more secure than ever in a matter of minutes.

Now there’s no more excuses. nFront Password Filter takes care of all the hard work required to secure your networks.

]]> By: Avalanco http://www.ghacks.net/2007/03/27/weak-passwords/#comment-166725 Avalanco Thu, 06 Sep 2007 17:39:51 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-166725 Hi. Interesting article(s). Weak passwords has been an problem for a long period, unfortunately, it won't change over an eye blink. I was just wondering, these tools mentioned in this article (C-force, and Sentry), where could one be able to obtain these ? Hi. Interesting article(s). Weak passwords has been an problem for a long period, unfortunately, it won’t change over an eye blink.

I was just wondering, these tools mentioned in this article (C-force, and Sentry), where could one be able to obtain these ?

]]> By: Jim Shepherd http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103881 Jim Shepherd Wed, 28 Mar 2007 19:04:48 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103881 I use Password Safe: http://passwordsafe.sourceforge.net which was originally developed by Bruce Schneier, is now open source and as such, is free. I use Password Safe: http://passwordsafe.sourceforge.net which was originally developed by Bruce Schneier, is now open source and as such, is free.

]]> By: Raymond Koppen http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103759 Raymond Koppen Wed, 28 Mar 2007 06:15:34 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103759 There is also http://portableapps.com/apps/utilities/keepass_portable but I haven't tried that out yet. BTW Just to be clear I use the portable version of Roboform, which (can) run off a usb stick. Ray There is also http://portableapps.com/apps/utilities/keepass_portable

but I haven’t tried that out yet.

BTW Just to be clear I use the portable version of Roboform, which (can) run off a usb stick.

Ray

]]> By: Raymond Koppen http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103755 Raymond Koppen Wed, 28 Mar 2007 06:09:03 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103755 Joose : Try Roboform, it detects webpages and fills in the passwords and its free. Joose : Try Roboform, it detects webpages and fills in the passwords and its free.

]]> By: Joose Haverinen http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103689 Joose Haverinen Tue, 27 Mar 2007 22:46:37 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103689 Would be great if you could find and recommend an free password-software, that would automatically insert the passwords into correct web forms. I personally use pretty secure passwords, but only few because it's quite hard to remember which passwords are used where. Would be great if you could find and recommend an free password-software, that would automatically insert the passwords into correct web forms.

I personally use pretty secure passwords, but only few because it’s quite hard to remember which passwords are used where.

]]> By: John Pozadzides http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103637 John Pozadzides Tue, 27 Mar 2007 18:29:21 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103637 Great follow up to my original article, and I had hoped that others would detail the "flaws" in my methodology for the sake of illustrating that what I outlined is only the tip of the iceberg. Of course, in the original document I had to consider my reader base (which is generally non-technical) and I needed to make a point quickly, succinctly and forcefully. My primary interest with the article was to make people like my friends, family and neighbors stop to think about it before they chose that next weak password. :-) Take care, John Great follow up to my original article, and I had hoped that others would detail the “flaws” in my methodology for the sake of illustrating that what I outlined is only the tip of the iceberg.

Of course, in the original document I had to consider my reader base (which is generally non-technical) and I needed to make a point quickly, succinctly and forcefully. My primary interest with the article was to make people like my friends, family and neighbors stop to think about it before they chose that next weak password. :-)

Take care,

John

]]> By: Why it’s a bad idea to use a weak password » The PC Doctor’s blog http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103604 Why it’s a bad idea to use a weak password » The PC Doctor’s blog Tue, 27 Mar 2007 15:31:45 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103604 [...] other article is on gHacks .  This is in response to the first article and takes the idea of hacking passwords a [...] [...] other article is on gHacks .  This is in response to the first article and takes the idea of hacking passwords a [...]

]]> By: Raymond Koppen http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103541 Raymond Koppen Tue, 27 Mar 2007 10:06:53 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103541 I have become a big fan of Roboform, an application that stores passwords for you, this way you only have to remember one skeleton key pass to get access to the other passwords. It can also be used to generate safe passwords for you so you can have a different password on each site. Of course the password database is carefully encrypted. Ray I have become a big fan of Roboform, an application that stores passwords for you, this way you only have to remember one skeleton key pass to get access to the other passwords. It can also be used to generate safe passwords for you so you can have a different password on each site. Of course the password database is carefully encrypted.

Ray

]]> By: ilo http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103530 ilo Tue, 27 Mar 2007 09:35:50 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103530 If someone try to brake your password buy using your informations in order to change the password and email am shur that it will take alot of time ti find out stuff like that and you have to be a VIP to think that someone could do something like that you. If someone try to brake your password buy using
your informations in order to change the password
and email am shur that it will take alot of time
ti find out stuff like that and you have to be a VIP
to think that someone could do something like that you.

]]> By: leny http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103515 leny Tue, 27 Mar 2007 07:59:46 +0000 http://www.ghacks.net/2007/03/27/weak-passwords/#comment-103515 martin, buddy big fan of ur site...u wouldnt happen to know where i can download bruteforce program for OCR Would you ??? martin, buddy big fan of ur site…u wouldnt happen to know where i can download bruteforce program for OCR Would you ???

]]>