posted on Jul, 14 2013 @ 07:43 AM
Cracking passwords is a combination of art and science. The above stats seem to address the science part of the game... that is to say using a brute force password cracker against a completely unknown password scheme by using a predefined dictionary and predefined modifiers (all dictionary words plus all dictionary words interspersed with cardinal numbers - which would likely be 1-10 plus all years since say 1950 until now).
This does not address the art aspect of the game.
Most people tend to use passwords that they can easily remember... things that have meaning in their own lives. Kids' names, birthdates, pets' names, streets they live on, spouse's name, hobbies, favorite bands, favorite movies, and so forth. For example a big Star Wars fan might use the password "BobaFett". Because this Star Wars fan has read articles like this one - he might have appended his password to "BobaFett1".
Now if we are a person interested in accessing dear Mr BobaFett1's account - we might start by Googling him and reading his social networking site posts, his blog entries, his listed email addresses, etc.
We would research him a bit and glean all we could from the public domain... then we could create a brute force list that is very, very specific to Mr BobaFett1. Even a moderately skilled person should be able to locate a phone number, home address, potentially previous addresses, spouse's name, kids' names... and with some work... birthdates for any or all. In our quest for info we've found that Mr BobaFett loves Star Wars... so we are armed to include, in our brute force dictionary, all Star Wars specific names - coupled with our choice of numeric modifiers.
Long story short? As long as we haven't tried to crack anything that has limited password attempts? We're into Mr Fett's information within 15-30
If this happens to be his web based email account we might have just hit the jackpot - as many people store those "Thanks for joining... your username and password are" messages we get whenever we sign up for stuff.
There are password solutions that make it very, very difficult for ne'er-do-wells to get entry into your accounts - though none are foolproof. If skilled and well equipped people (Big Brother) want into your accounts... they will get in if they want to badly enough. The best trick for the average PC user is simply to not be lazy. Do NOT create passwords with the priority that they are easy to remember... choose them with the priority that they are totally difficult to break. Something random, with numbers, symbols, and letters (case included) all randomized.
Ask Mr Fett... his bank account emptied one day and now his password is !Hb@IyJ8Gf9#. He gets irked every single time he's got to find his notepad just to log in... but his bank account balance has been stable for months now.
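The advice in the post above, as an added example that is not part of the original post: a check that can run when a password is set, rejecting anything built from the user's own public facts plus digit or symbol modifiers, next to a generator for the fully random kind. The profile list, function names and length thresholds are assumptions made for illustration, and the check covers only profile words, not general dictionary words.

```python
import re
import secrets
import string

# Constructed sample profile: the kind of public facts the post lists.
SAMPLE_PROFILE = ["Boba Fett", "Star Wars", "Rex", "Maple Street"]
AFFIXES = string.digits + string.punctuation

def profile_tokens(facts):
    """Lower-cased words (3+ letters) from each fact, plus the words of a fact joined."""
    tokens = set()
    for fact in facts:
        words = re.findall(r"[a-z]+", fact.lower())
        tokens.update(w for w in words if len(w) >= 3)
        if len(words) > 1:
            tokens.add("".join(words))
    return tokens

def is_guessable(password, facts):
    """True when the password is a profile word wrapped in digits or symbols,
    or contains a profile word of four or more letters."""
    core = password.lower().strip(AFFIXES)
    tokens = profile_tokens(facts)
    return core in tokens or any(t in core for t in tokens if len(t) >= 4)

def generate_password(length=16, facts=()):
    """Random password from the OS CSPRNG with every character class present."""
    alphabet = string.ascii_letters + AFFIXES
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if (all(any(c in cls for c in candidate) for cls in classes)
                and not is_guessable(candidate, facts)):
            return candidate

if __name__ == "__main__":
    for pw in ("BobaFett1", "rex2013!", "!Hb@IyJ8Gf9#"):
        print(pw, "guessable" if is_guessable(pw, SAMPLE_PROFILE) else "ok")
    print(generate_password(facts=SAMPLE_PROFILE))
```

A password manager removes the notepad problem the post ends on, since a generated password only has to be stored, not remembered.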