Take your Google, Facebook or other account passwords and run it through:
https://howsecureismypassword.net/
Share your Results :D
>>55600732
82 Million years for my passwd :-DDDD
>>55600732
>feeding their wordlist with your passwort
nice try
Not long if I submit it to a website.
>>55600732
>Put your passwords in this random site
Nice try m8
1 minute... Fuck
>>55600792
"Your password will not be sent over the internet."
It worked when i was offline.
So yea no wordlist involved it think.
>>55600732
This
>>55600732
>4 hundred years
I can live with that.
>>55600889
can work offline but still send ajax calls if you're online, did you check that?
>>55600732
3 million for my bank password
100 years for my main email password
59 minutes for my twitch password/ secondary email password
1 minute for my password that i use everywhere else
Yeah. I know, Im slowly changing them.
>>55600732
> tfw this is the closest to sex that I have been in years
>It would take a computer about
>410 BILLION YEARS
>to crack your password
Ok.
you do realize they are building dictionary file?
>>55600994
Not him, but..
> load page in secodary browser
> drop wifi
> run test
> close browser, watch process die
> connect wifi
Also pic related
>>55601046
> he's too stupid to run the page offline
It's like you want the NSA to see your CP.
I actually use Dashlane (product they're advertising)
Here is the default "strong" password that is generated as measured by themkRJ5G84Y5mRd
I use 28 char + symbols though and it gets measured at "25 UNDECILLION YEARS"
Example:DOelo'2ku*)-r|;[|YWOuJGpAXmI
>>55601049
> forgetting pic related
password that consists of 4 english words from dictionary has similar "strength" as 12 letter password (caps, small, digits)
>>55601084
how do you store that shit
>>55601114
I noticed this. I know XKCD did the correct horse battery staple thing but I have no idea what he means by entropy (in this context at least) nor what the grey squares represent. Can some anon explain this bullshit?
>>55600732
I use 19 character passwords minimal with upper and lower case letters, symbols, and numbers. Good luck cracking that.
>>55601049
Yeah I meant, the local javascript function could still work offline but ajax calls could be there trying to send your password, you'd only see an error in your console but everything would be fine on the website when you're offline, I'll take a look
>>55601150
>>55601114
How strong are those against dictionary atacks?
>>55601226
Okay it seems its safe, no password is send, still they could change the code anytime etc... so better save a copy for using offline if you really want to use it, also the result is pretty shit, it only calculate with bruteforce, so a shitty password but long enough will give xx million years, but with a dictionnary it would be pwned in seconds, so yeah
somebody edit in a LE ebin meme into the asterisks like FOR YOU
my actual pass only takes 100 years it says. I doubt it.
>>55601255
>How strong are those against dictionary atacks?
12 letter bruteforce ~ 4 word (that is from school dictionary) password
>>55601150
Entropy = disorder simple as that
>>55601255
very weak
same goes for leetspeak or putting random number at the end of a word / name
>people make their password complex so it'll be the last one to be guessed by brute force
>just program your password cracking app to start from the most complex password and work backwards
>crack it in no time
>>55601145
using dashlane, its like keypass or any other password manager.
could be botnet / wordlist, who fucking knows.
Has a chrome extension so everything gets auto logged in as well, i never see these passwords.
>>55601403
e-mail me!
>>55601350
t. "smart" 14 year old who watches minutephysics videos
>5 seconds to crack
i use this password for everything, including my paypal and bank.
>>55600732
fug
Do you really think I'll feed my 64 character password to your rainbow table OP?
>14 quadrillion years
Amazing
3 thousand years.
I just use a simple initial thing so I can easily remember it.
In English it would be something like :
MY PASSWORD HAS small letters and the numbers 1453.
Which becomes MPHslatn1453
>>55601350
So, in this context, one could just as easily say "28 bits of randomness vs 44 bits of randomness".
Could the whole comic be summed up as "the more characters you have in your password, the harder it is to guess, regardless of characters used?" or is there a deeper meaning I'm missing? I might just be getting caught up on the use of the word entropy, Randall isn't in a habit of using big words unless it's part of the comedy is all.
>>55601456
Amazing! You transform a good password into a shitty one LMAO.
>>55601435
You can download the Site and use it offline.
>>55601431
iToddler, everyone
>>55601510
i've never owned an apple product
>>55601483
The biggest problem with password security is inconsistent requirements. A majority of sites and systems define a maximum amount of characters, meaning a full passphrase like "iWishTheseFuckersStoppedMakingMeChangeMyPasswordEvery90days" is impossible in most places. Laziness aside, if normies had been brought up on passphrases instead of passwords, they would not be so exploitable. I blame the developers, not the users.
>>55601403
>most complex password
And what would that be?
>>55601528
The true value of pi
>>55601528
Too big for 4chans measly 2000 character post limit.
>>55600732
ITT: sheeps helping OP building his wordlist
>>55601558
ITT: Illiterate niggers who keep ignoring the people who have used the site offline.
>>55601558
learn to read, fagtron
>>55601150
By entropy he means the scattered mess that would exist in the brain while attempting to evaluate the problem.
If you try to create a sense of order without a base of context, you would be reaching, within a vacuum, for every single bit. In a vacuum, anything not vacuous would immediately create a bit of disorder from the norm. This means that each bit used within that vacuum, as an unknown to be deigned now known or supposed as such, adds to entropy in its own category. Therefore, if there are 8 letters but you can, and know to, capitalize the first letter you have added a bit of entropy, where bit refers to the miter for the least amount of correspondence between the two sectors. That automatically increases the entropy miter to 9 even though it is an 8 bit word. Don't be confused by the number of letters that could be there, that refers to the order of magnitude beyond the first order, the first order relates itself simply to the relationship it can hold between the base and the adjunct.
So, interchanging a particular letter within some other character, adds a bit, allowing different kinds of symbols adds one bit for each ( if the process is iterative and not part of a system ), adding numbers another bit, checking it against a list of common words another bit, so on and so forth. I'm not sure how he intends for us to read on punctuation but he might treating the symbol there as part of the term, word or as separate, and since there are two "coherent terms" in the password searching for the terms individually will return a positive match but not necessarily relay which of the words is coherent and which of the words is simply the "rest" or the "predicate".
So, the entropy basically derides the points upon which any or many things could exist. It's not exactly a quantifiable subject. I would wager to say it is a purely qualifying statement to say, "this is where we do the duty".
I can live with this
And tommorrow:
>Big passwords leak! Thousands of people's accounts on big services such as Amazon got hacked!
Passwords are still fundamentally flawed for the average user, this is why 2-step verification needs to be heavily adopted.
>kek
>>55601488
just because it's offline doesn't mean it's not communicating with op
that's like saying that unplugging your internet box makes 4chan be available offline
>>55600732
10-20 min
a day
>not substituting your password with symbols from the same group instead of worrying about work lists
>>55600732
>feeding their wordlist with your passwort
>>55602921
>>55602038
See >>55601259 you dense fucks. Just because you're too stupid to cover your arse doesn't mean the rest of us are.
My random charactrers/numbers/letters password takes 3 weeks
My password i use for unimportant sides that is literally a catchphrase from duke nukem with a number at the end takes 4 years
What is this
>34 thousand years
Kek, that's for my throwaway account.
hglkjdfg89 takes 2 minutes to guess
listless.decadent.miser takes 30 quadrillion years to guess
the second one is infinitely easier to remember. people should be using this.
![71gRGUw[1].png](https://i.imgur.com/N0Scgkm.png "71gRGUw[1].png")
>>55601464
No, the point of the comic is that you can make strong passwords that are easy to remember. "ChocolateWaterFecesOperator" is just as strong as "hW433RGzdR!2", and that's assuming the hacker knows your password consists of 4 English words. And you've probably already memorized one of those 2 passwords already.
>>55601403
my email password, not bad
is there any form of attack that "Av1dya.blossom" is bad against? for example
>>55601403
/v/ is this way >>/v/
>>55601424
I chuckled.
>mfw the website is collecting passwords for OP
>Almost all my passwords turn out to be pretty weak
>Just realized making an extremely strong password is as simple as putting 12 decimals of pi, one word and a symbol
>>55600764
A random password without any context is useless to anyone.
Ten Million years for mine
>>55600931
>>55601012
>>55601084
>>55601086
>>55601262
>>55601431
>>55601698
>>55601782
>>55601918
>>55604052
>>55604379
>Feeding the wordlist
>>55605871
yeah im sure 燥냔ᮌ躇颿⨔齷긖䰱Ḻ֫旳粽斵蚎܂겪算㸆ﲿ過譮䶏ᢺ畵툕䦆⮉ is very helpful word
>>55605871
I joined the Dashlane botnet.
>>55605871
>>55605652
there's no network traffic on the page beyond the initial load
>>55605871
>Helping the tin hat industry stay in the black
Typing random passwords without any context or even a hint of where they would be used is pointless. Go ahead and crack someone with their password "pignuts123". You cannot do shit since you do not know what sites they use or the usernames that go with that password. You have the key, but the lock is a mystery.
>use offline
>can't send password to base
maybe its storing it until it gets online?
Rule1 - never use an online password generator because you can create an ultra secure password which you and at least one other person can use.
Rule2 - never use a site like this because of rule 1.
>>55600732
10 tries, afterwards the device wipes itself and all my rare pepes are gone forever.
Can anyone beat me?
>>55605991
fake and gay
>>55605936
>Typing random passwords without any context or even a hint of where they would be used is pointless.
bullshit, if you target popular services such as gmail, ssh etc then you have a good chance. How many people have simple usernames?
>>55606009
Joke's on you I use Arabic and Russian character set.
Sit there and cry.
>stores all passwords with Dashlane
>secure
>someone hacks Dashlane
>muh passwords!!!
>>55606020
I use Arabic and Japanese actually. You're the first I know of that uses other languages too.
>>55600732
I knew I was safe.
>>55605986
if you really think that would help if somebody really wanted your data you're delusional
i don't think they'd make it
>>55600732
I don't want my password to be added in this db, gtfo.
>>55606307
me neither, i just typed an equivalent with the same number of capital letters, lower case letters, symbols and numbers
>>55600732
Old password. I use KeePassX now for almost everything.
>299 SEXDECILLION YEARS
damn
>>55600732
Instead of feeding it my actual password I just generated another random password from the same characteristics as my passwords.
>>55601587
That doesn't mean the site isn't sending the passwords, it just means it doesn't need to in order to make the prediction.
The way to prove it isn't is by posting the network traffic of your browser.
>use lastpass
>100 characters
>all symbols and characters
>353,108,814,528,039,200 QUINQUAGINTILLION YEARS
Are there even any sites that allow you to create passwords longer than 30 characters
122 nonillion years for Nothingtohidenothingtofear69
>>55600764
Went to site. Disconnected wifi. Tried passwords. Closed the site.
>>55606694
When did you put your tin hat on?
>Forever
All I did was put the letter "a" in a bunch of times, with no variation.
Okay serious question. Is there any service that I can trust to store passwords? I currently follow a pretty easy to crack password sequence that functions as such:
>[Site name][Standard password branch]
And was wondering if using something like keepass would be better? Anything that would actually keep things secure while making my life easier?
hunter2 takes 2 seconds
>>55606694
>he didn't clear his session data
You've fucked up.
>>55601049
Passwords could be saved in local storage or cookies until next page visit and then be sent
If you type 'password' 'admin' or '12345' it says instantly which is amusing
jjjjjjjjjjjjjjjjjjjjjjjjjjjjjj
2 SEPTILLION YEARS
>>55604350
I think he's referring to troll science, an old meme
>>55601403
Dumbies you know that the most complex password is infinite ? who can't be reached ?
I dont understand this, my passwords are in grorious nihonese folded over a million times, do they even use the characterset for bruteforcing?
I change it every week so i suppose this is good enough.
Am I secure yet?
>>55601403
>implying all the true /g/entlemen don't use medium length passwords for thus exact reason
695 OCTILLION YEARS
It seems 111 random Unicode characters is the only way to be safe.
