Suggestions
I get contacted by readers, friends, family etc. asking about specific topics. One of the suggestions made was a page, like this one, where people can leave a comment asking a question or requesting a post about a certain topic. I thought this was a good idea so here it is! Leave a comment below and if your suggestion is a topic that has a place on this blog I will add it to the list. The plan is to write about suggested topics on the list.
So far the suggested topics are:
– Parental Controls (Wendy)
– OpenDNS (Nico) Done for now, more in the future hopefully, find it here.
– OS X’s hosts file (Darren)
– Data Recovery (Dennis) Done, find it here.
– Using special fonts to hide message contents (Michael) Done, find it here.
– How can i see who has viewed my Facebook profile (Diane) Done, find it here.
Leave your comment below and add to this list.
Using a book to generate passwords
For somebody thinking about digital security for the first time, the choice of passwords is the first issue he or she is likely to confront.
If I am correct, and providing I don’t use dictionary words or phases, it is the length of the password which is the most important in making it resistant to a brute force attack.
Here is the method. I choose a book, preferably an obscure one which will not have been digitalised, and choose a page. I start at the first letter of the first word on the first line; it becomes the first character of the password. The first letter on the second line becomes the second character of the password, the first character on the third line becomes the third character and so on.
I have by chance a book in front of me right now: it’s open on page 50 and that would generate the following password.
TYRAPNTAaNCfINsdImtAcBchdfaAHasAWaeAs
Providing I don’t lose the book, and collaborators have a copy of the same book, we now have a near perfect way of generating and sharing passwords. Of course, the book has to remain secret.
Well, so it seems to me. But I am no expert. Your opinion?
I’m no expert either but it sounds like a good way to create a strong password. Unless you’d use a math book of some sort though there will not be any numbers or special characters in the resulting password. This can weaken the overall strength of the password if someone with powerful gear and a copy of the latest ocl-Hashcat-plus takes a poke at it. It should hold up nicely against a standard dictionary attack though and it’s certainly better than what most people come up with 🙂
I was told that someone has to solve a pwd entirely and exactly and can not get feedback about partial success along the way.
I also read that if people write a short answer, say a few sentences for a college test, it is surprizingly difficult for two students to write the same answer word-for-word. Further, it is very difficult to recall one’s own passage word-for-word later on.
With these in mind, what is wrong with using a book passage and sprinkling in some numbers and special characters? Are the notions above only true with regard to brute force attacks, and ocl-Hashcat-plus uses more efficient strategies?
Good work!!!
Question regarding result pdf.
Large pdf is hard to work with for comparisons.
Cant sort or compare columns by copy paste them in a spreadsheet, comparing by scrolling is quite impossible (do not have that large of a screen size).
It would be nice to share antivirus definitions published, now it is almost impossible to copy md5 list to update virusdefinitions by hand.
Is it possible or an idea to convert your pdf to csv format and share this?
That would be really great and a great help.
Thank you very mucho!
MacMan
Because of the cell layout in the original document, exporting as CSV results in a terrible mess. I may post a list of MD5’s in the future but as this list changes fairly often that would mean yet another thing for me to update. So for now, no solution but once I find one I’ll post about it 🙂