-
Welcome to B4X forum!
B4X is a set of simple and powerful cross platform RAD tools:
- B4A (free) - Android development
- B4J (free) - Desktop and Server development
- B4i - iOS development
- B4R (free) - Arduino, ESP8266 and ESP32 development
The importance of strong passwords...
- Thread starter Mashiane
- Start date
- Similar Threads Similar Threads
So the length of password is more important, I see.
I doubt that this table is worth something. the reason is that in almost all websites there is a certain limit of tries it allows you to enter your password. after that number your account is normally locked and you need to unlock it via email, etc.
Besides, most websites today use 2-way verification like sending SMS to your phone, so this table only shows how powerful PCs are today but not how easy it is to hack your password.
Besides, most websites today use 2-way verification like sending SMS to your phone, so this table only shows how powerful PCs are today but not how easy it is to hack your password.
A good password system will have a max. number of attempts and an increasing time between authentication requests to counter measure the brute-force method.
For a single attack, even 4 digit passwords will take time. Considering there are 10.000 possibilities and you can only do 4 before the I.P. gets blacklisted for 15/30/60/120/240/480/etc minutes ....
That is why hacker groups use botnets, they hit a server with a few hundred different I.P.s all farming on different password ranges, this way the odds will favor the attacker.
With this in mind, the times presented on the chart seem correct.
Out of curiosity a cloned phone number and SMS verification was part of the method used to hack Vodafone Portugal servers and bring the entire mobile network down, last February.
For a single attack, even 4 digit passwords will take time. Considering there are 10.000 possibilities and you can only do 4 before the I.P. gets blacklisted for 15/30/60/120/240/480/etc minutes ....
That is why hacker groups use botnets, they hit a server with a few hundred different I.P.s all farming on different password ranges, this way the odds will favor the attacker.
With this in mind, the times presented on the chart seem correct.
SMS verification is considered unsafe since 2005, because phone numbers can be cloned. And that is why in the E.U. Banks are ending the use that method for home banking.
Out of curiosity a cloned phone number and SMS verification was part of the method used to hack Vodafone Portugal servers and bring the entire mobile network down, last February.
Last edited:
Sorry I don't think this is correct, as most banks in India insist on 2-step login/fund transfer verification using SMS pin code. I do not know about UK though. But I know GMail also uses SMS as 2-step login verification.
The problem with us programmers is that we always think a solution of a problem as logic steps.
- ask user name and pass
- verify
- next steps etc.
Still today we read in newspaper how by simple phone call to senior citizens criminals are siphoning out all their hard earned money. They put fear in victims mind so that they do not get time to think rationally. And when they find out, it is too late.
Well, a professional (honest or criminal) should always stay ahead of competition 
When you discover to have some skills and knowledge is up to you how to use them.
I often refer to the "knife example": you could use it to ease food cutting or to kill someone. The knife itself is "neutral".
So they are the knowledge and the skills we develop.
When you discover to have some skills and knowledge is up to you how to use them.
I often refer to the "knife example": you could use it to ease food cutting or to kill someone. The knife itself is "neutral".
So they are the knowledge and the skills we develop.
but the username is the same so it will not help much. the username will be blocked. try to do something like this in google.com
i use in many accounts 2-way verification and in my opinion, it is safe enough. if it would not be safe enough banks, google, amazon, would not use it.
This is why I always use 3 numbers > 123 sometimes I follow this with these characters >> easy - why fight the flow - do the unexpected - - - - -