Mageia forum

[Voodoo]

For root and obviously the guest user account.

Would I make the sudo and root passwords the same.

Would I use both upper and lower case letters and numbers too?

[doktor5000]

pwgen -By or pwgen -s for more secure passwords (you may need to install pwgen).
Most standards for complex passwords mandate upper & lower case, numbers and
at least one special character, and eigth characters at minimum for a halfway complex password.
It should also not be based on a word which can be found in a dictionary.

BTW: There is no separate password for sudo, depending on your setup you either use your user password or none.

[Voodoo]

nice program

so you would use that for a linux password and it would be the strongest available?

im guessing you can make them longer too ie heres my output:

Code: Select all

fcAg5xnA tcpaLf73 Ci9bSwrM 4l93Do1p SaEo53vi zQr2YhUL C5AsnZZa fjZu4gJI
hpQOK6ty Ac5MBLv2 KD5Vk8tU 0EMK1C9P z0RVEHfo NjyVO3f4 En0KLlO7 jSdxd8zI
0VOKXJ0c 97viFaSH IdGt5cu4 un1SANe1 QJj7BCRJ ry0ACCMW GNj7paKg suI2kWIW
n12R3ckR 2gyFGHS8 9NAmyuDr 7U2qysOg Y1lsqiKF ArNS7krw rlU4OYxh Olnji2FQ
ynFJU8HH WLjYn2QN 92tiG00r ISoHRG0g IiK4D8HI g02QjuwG dO2D6qBs S3WqBLMc
PZPNYhF5 vvYRFH7e 5OC6oZY7 nxGxTiN9 0juiyCvd 27t0ZEUE Ca6y9hnB aXusIc0A
yZrT8OKG yVNN2BWQ L7geV5dS eF32dvU8 aOd5J9tg Lx4DnOVX UI0ALV4r 751D2sXK
rr0yzEfs xFPcThM9 3vrY2sFZ qXiV8NEy zEra46Ib OWPQrOR1 if4uQtbK 39lh1Ums
lMZE4EET u8SY9Uy2 RfDPl5Ul dWv1p6kF Xu5bRJQa TrtY1uds 1CxDvA0O q7nUqMRr
DvfGAKQ1 HUzy5x9c dmOBMm4K JurP7pTN meNVMu5I T0KSQpgU rWnm4Rq6 cswcM9Hf
awb9zcpH 8yXDNBjL mxKjx0TR ZRDo0LMu AAQ63K1h 3YPCOSBy 2ybJgDxL z2a62Ozp
ZzD4JK4c 3mZb6MON OAZ4QLL3 HxIU1RRF HEzD9HYm bNbpUv4l m3ZmYIIS Ty2x0eNw
sm75uHtp wpBE3Cw4 Nq4Ni65v fcaGpi7A Pgc8QQOV QqeDGX5N 2TR4gldg 7DSWowMp
AjvectA0 SGUn3H5S 80wlQtXL GkR4lcwP Nl2M9O7I 9hwXSpkW 9ZcG5VCP qZ1iK3oo
SqIIzHd2 2JtltH8O QNGKRHR4 5h6oApig hi4dqmA5 N8uGYmMe d5rjNvU2 bnHwov6O
c1Z3ziG0 rk8BT1EO WfSzY8it hlB4jE3o VQGsGjw7 rQBEB28o iO5ihAgb v5oadKOJ
F07IvHXb 1eKAhtfe e5RVpn9c 3dmmF7d5 qvep5gPD 2tYKy8oL L3IreIcI PHClNIg1
KzxP52Vd 7n7ceVaj kEa1UadH me7Xm7pn Sj2IgzbB 1tgrnJMF V2t6Umli r7rG7bpa
Vq970Ens Rgw7IlCD KVx7W0oX AhuxNs4d SKV2yyIi j9Ev35oW rT9EDyyw EJKd8GLc
4JVuKSwd rJ0FfETk 79kqSx42 044vsiDh FXXz8gt1 xD56yNLw 96DyJVBI 6k4FoCFR


[oldcodger]

One important factor in a strong password is me remembering it
I have found a way around that, and that is to take a letter from each word of a rhyme that I know well, any of the letters that convert easily to a number I do so, and, where possible use any of *$%& in place of some letters.
Example that I used a long time ago was from the rhyme 'Sing A Song of Sixpence'. I used the line 'four and twenty blackbirds baked in a pie'
The password was derived by taking the last letter of each word thus 'r&20sdn1ae'
Not the strongest password but strong enough for most purposes, and I could always remember it.
On the occasions where the password was for a form on a website I would substitute the '&' for an 'A'.

[oj]

A statement, question, anything long enough to comprise a complete sentence is a good choice. I make up a sentence, and use all the punctuality you'd use if writing it. (properly) eg "Did you bury that bone?" "Did you, mister dog, bury that bone?" Caps, punctuation and equally important the spaces between words, where appropriate. That throws odd characters into the mix.

Then you can choose to do a substitution or two, eg replace a selected letter with a number or some other character. In the above, you could replace the "o" with a zero, "0" which would be easy to remember. Another easy to remember substitution would be replace "b" with the number representing it's position in the alphabet. In this case it's "2." Doing both these subs, the password would look like this: Did y0u 2ury that 20ne?

The time/effort to crack that exceeds the capability of just about any computer, and likewise any hacker that would be dumb enough to try.

Check this out, it explains passwords very clearly: http://xkcd.com/936/

[macxi]

Tips in internet:

- How To Create A Good Password That You Will Not Forget - February 21, 2010 - By Tina Sieber

- 5 Steps to a Good Password - By Paul Gil, November, 2012

[doktor5000]

Also a rather interesting read, providing much context information on overall password security, and ways to hack passwords and how to protect against that:
http://www.baekdal.com/insights/passwor ... -usability

@Voodoo: The strongest available? You can make the password even longer and more complex, which also
makes it more secure, but way harder to remember, which partly defeats the pupose of a password.
Also take a look at above link.

[Voodoo]

Also a rather interesting read, providing much context information on overall password security, and ways to hack passwords and how to protect against that:
http://www.baekdal.com/insights/passwor ... -usability

@Voodoo: The strongest available? You can make the password even longer and more complex, which also
makes it more secure, but way harder to remember, which partly defeats the pupose of a password.
Also take a look at above link.

that link you just posted i liked that except i didnt like the part where It is 10 times more secure to use

"this is fun" as your password, than "J4fS<2".

If you want to be insanely secure; simply choose uncommon words as your password - like: du-bi-du-bi-dub
A usable and secure password is then not a complex one. It is one that you can remember - a simple password using 3+ words.

the reason is that the first one looks like a dictionary word and the second one i just dont understand but yes i will be wrong i just find that a little interesting and the this is fun password seems easy to hack

[oj]

"this is fun" as your password, than "J4fS<2"

Remember that the input characters are not stored in plain text, they are used to generate a hash. Simply: the more characters there are the better the password, regardless of what the characters actually are. "this is fun" is far superior in the example above.

My personal wireless password is 8 words, 57 characters including spaces and punctuation. There's no way I'll forget it, but imagine 57 random characters... no way. I plugged my password into a program that calculates the effort required to crack it, one of the inputs being the encryption bits. (eg 1024 bits) With the present hardware available put to the task, the sun will burn out before anyone would brute force that password.

No question a simple, easy to remember phrase is the better way to go. Use punctuation, and/or make substitutions and you're certainly not going to be any cracker's low hanging fruit.

[doktor5000]

With the present hardware available put to the task, the sun will burn out before anyone would brute force that password.

Well, just remember that brute-force is the most unelegant way to crack a password. Better look for easier attack vectors,
like for wireless security, depending on the encryption, not the passkey is attacked directly, but with the help of weak initialization
vectors and maybe forced deauthentication, creating more wireless traffic to analyze, and stuff like that is better and takes less time
than to brute-force the passkey itself. Just FWIW ...

[oj]

all accounted for and more the term "brute force" was my own lame addition