Just cracked an 18 character password.

It was a two word combo that was in one of my dictionary files as a single entry followed by 9 numbers. The first letter was capitalized.

Gotta love dictionary + rule attacks.


Is it reliable to use certain tools to test how hackable our password is ?

@noorul - Only if you control the tool. (Thus the conundrum.)

I would never submit my password to a “password testing site”. But when you test it yourself, you have massive selection bias.

Ideally, use a perfectly random password (stored in a password mananger). Max length that a website or service will accept. And use multifactor authentication.

Yes, I've set up two factor authentication for every possible.

I use Pass as password manager , encrypted with Gpg.

Dropped using Passports, using pass phrases, combination of 2-3 words.

Though, I am manually coming up with pass phrase rather than any system.

I am actually asking to show demostration how an existing password is week for others.

Others will not buy my words.

I will the result of a test, phrase.

Screen shot is foss app for passphrase generator though, I dont use it


@noorul - Yeah, I don’t know. I’d have to look at the wordlist and see how long it would take to generate strings from it.

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.