News - Does Microsoft's Telepathwords know what you will type next?
Quote:
Experimental tool is supposed to help prevent weak passwords.
Read more.
Re: News - Does Microsoft's Telepathwords know what you will type next?
Re: News - Does Microsoft's Telepathwords know what you will type next?
What happened to 'God', 'Sex', 'Love' and 'Secret'? :D
Re: News - Does Microsoft's Telepathwords know what you will type next?
Might be the wrong thing to say, but I really quite like these kinds of tools as ways to train folks not to use dumb passwords. Remember using GRC's "password haystack" with a cub pack doing their "computer" badge, and them taking great delight in trying to find the shortest and longest crack time passwords.
As to this one though - I think the presentation could be better - even if it did a traffic light display for the predicted and non-predicted passwords. My default password didn't do very well - I really need to go around and change every account that uses it! :o
Quote:
Originally Posted by
Ttaskmaster
What happened to 'God', 'Sex', 'Love' and 'Secret'? :D
That sounds like a tabloid headline.
Re: News - Does Microsoft's Telepathwords know what you will type next?
how to get people willingly submit their most pressures passwords - ohh just ask them !!!
Re: News - Does Microsoft's Telepathwords know what you will type next?
precious not pressures - crap auto correction...
do I trust M$ to encrypt those passwords? - no
do I trust M$ to secure this page well enough so no hacker can take control over it - HELL NO!!!
Re: News - Does Microsoft's Telepathwords know what you will type next?
Answering the question of whether MS knows what I'll type next in a password, no, because if it's a password to anything that matters, it will be generated from a random colle tion of alpha, alphanumeric and other characters. I do NOT use words of any sort, and I keep passwords long enough, and complex enough, to be very hard indeed to crack. Heaven help me if I lose my password list.
Re: News - Does Microsoft's Telepathwords know what you will type next?
Quote:
Originally Posted by
Saracen
Heaven help me if I lose my password list.
I'm very sure that you keep your password list under lock and key and very secure but just saying rather than trying to guess your passwords we just need to steal your list instead. :)
Re: News - Does Microsoft's Telepathwords know what you will type next?
Mycatisblackandfurry is a stronger password than a&Tn!0Zm3. Why?
- Because it has more characters, making it exponentially more difficult to brute force
- Because it is easier to remember, making it less likely that you will need to write the password down somewhere
- Because most dictionary attacks do not account for sentence structure, only words next to each other.
Re: News - Does Microsoft's Telepathwords know what you will type next?
Quote:
Originally Posted by
moeburn
Mycatisblackandfurry is a stronger password than a&Tn!0Zm3. Why?
- Because it has more characters, making it exponentially more difficult to brute force
- Because it is easier to remember, making it less likely that you will need to write the password down somewhere
- Because most dictionary attacks do not account for sentence structure, only words next to each other.
Get yourself over to How big is your haystack @GRC. That's got the best explanation why length might beat complexity.
Oh and "Mycatisblackandfurry2!" is a better password. :) I'd tend to use the second of your passwords rather than the first merely because I use a password manager so complexity really isn't an issue, but if I come across a dumb site that doesn't allow the full range of character types then, like you, I'd go for something long.
Re: News - Does Microsoft's Telepathwords know what you will type next?
password
123456
birth date
PS. I don't like the name MS used for this - Telepathwords? WTH!!
Re: News - Does Microsoft's Telepathwords know what you will type next?
Quote:
Originally Posted by
Kanoe
I'm very sure that you keep your password list under lock and key and very secure but just saying rather than trying to guess your passwords we just need to steal your list instead. :)
Erm, no you don't.
I take your point, but it wouldn't work. For the very reason you give, I'm not going to say much more, but let me just say, I could give you what's written on my password list, and not a single one of the would work, unless you know how to use them. And that isn't written down anywhere. You'd also need to know where to find the "list", and I'd suggest that even if you got the, erm, file, you'd have a major problem accessing it.
Put it this way. I have some pin numbers written down. But .... in a large block of random numbers, and that block is an aide-memoire. The pin numbers themselves are in there, but hidden. No consecutive 4-digit sequence would produce my pin. It's buried in a way not dissimilar to the old one-time pad encryption method. Unless you know the trick .... ;)
And, by the way, I very carefully didn't say what those pin numbers are for, but you can take it as read it isn't what most people will have assumed.
You may not know me very well, Kanoe, but if you did, you'd know if it was as simple as stealing the list, I wouldn't have said what I did in the first place.
Re: News - Does Microsoft's Telepathwords know what you will type next?
Quote:
Originally Posted by
crossy
That sounds like a tabloid headline.
It's a movie reference to Hackers (1995).
To see how "Elite" Johnny Lee Miller's character is , the other hackers quiz him on stuff, including asking what the most common passwords are - The above was the answer, which gets mentioned a couple of times in the film.
Apparently, it was correct at the time of filming, as well...
Re: News - Does Microsoft's Telepathwords know what you will type next?
Quote:
Originally Posted by
Ithilstone
precious not pressures - crap auto correction...
do I trust M$ to encrypt those passwords? - no
do I trust M$ to secure this page well enough so no hacker can take control over it - HELL NO!!!
Seems your autocorrect is also stuck replacing S with $ as well, it's making you look a bit $illy.
Re: News - Does Microsoft's Telepathwords know what you will type next?
Quote:
Originally Posted by
Saracen
Erm, no you don't.
I take your point, but it wouldn't work. For the very reason you give, I'm not going to say much more, but let me just say, I could give you what's written on my password list, and not a single one of the would work, unless you know how to use them. And that isn't written down anywhere. You'd also need to know where to find the "list", and I'd suggest that even if you got the, erm, file, you'd have a major problem accessing it.
Put it this way. I have some pin numbers written down. But .... in a large block of random numbers, and that block is an aide-memoire. The pin numbers themselves are in there, but hidden. No consecutive 4-digit sequence would produce my pin. It's buried in a way not dissimilar to the old one-time pad encryption method. Unless you know the trick .... ;)
And, by the way, I very carefully didn't say what those pin numbers are for, but you can take it as read it isn't what most people will have assumed.
You may not know me very well, Kanoe, but if you did, you'd know if it was as simple as stealing the list, I wouldn't have said what I did in the first place.
As you are (metaphorically speaking) the owner of the world's thickest tin-foil helmet I am genuinely shocked you have a list at all. After all the Germans didn't think Enigma could be cracked...
I'd have assumed you would be using championship memory techniques to remember long sequences of randomly generated characters that you generated on an air-gapped computer that you secure wipe after each use...
Re: News - Does Microsoft's Telepathwords know what you will type next?
Quote:
Originally Posted by
kingpotnoodle
Seems your autocorrect is also stuck replacing S with $ as well, it's making you look a bit $illy.
No, those are just Micro$oft'$ hidden charges for things. All large businesses have them, apparently. Either that, or they're the hidden profits that allow so many of our companies (my own employer included) to dodge tax payments lately, heh heh!
Quote:
Originally Posted by
kingpotnoodle
I'd have assumed you would be using championship memory techniques to remember long sequences of randomly generated characters that you generated on an air-gapped computer that you secure wipe after each use...
I use things that are memorable to me, the characters for which mean something only to me and are not connected to the memory in any way. Even if you knew me very well (better than my wife, for example), spoke fluent Elvish and Kingon and were able to look through my own eyes at the memory, it'd still make no sense and you'd not find a way to divine the actual passwords.
Conversely, all this security takes me an hour just to log in to my flippin' email!! :laugh: