Friday, October 26, 2007

Password Cracking: Speed Increased.

Another good idea come up from Elcomsoft .
Their password crack software uses GPU accelerator instead CPU in order to increase the cracking velocity.To know more about this fast method read advertising this paper . This topic arrives at the same time of a passwords security brief that I'm summarizing for a note Italian Magazine for this reason I feel very close to this kind of problem. As I'm writing the password chose is really important to guarantee enterprise safety. Using Mnemonic Password Formula (MPF) in a world where every service is owned by different account has  become capital. MPFs are easy to remember for the end user and hard to crack in fact they follow a random character probabilistic distribution. The following pictures represent easy but useful Mnemonic Passwords Formula.






Examples that respect this grammar are the following:

  1. "m@b.m", that's means Marco Ramilli at www.blogger.com

  2. "b@c.u", that's means Matt Bishop at cs.ucdavis.edu


Another password formula useful and easy to remember is the following:





Where the initial number represents the typology of the password. For instance the number "0" can represents that password is used for private purpose instead "1" for work purpose.

  1. "0:m@b.m;", that's means Marco Ramilli at www.blogger.com as personal password

  2. "1:b@c.u;", that's means Matt Bishop at cs.ucdavis.edu as work password


These are just few example of MPF power, to learn more about these formulas follow these liks:
[1] Bugaj, Stephan Vladimir. More Secure Mnemonic-Passwords: User-Friendly
Passwords for Real Humans”
[2] Kotadia, Munir. Microsoft Security Guru: Jot Down Your Passwords
[3] Williams, Randall T. The Passphrase FAQ
[4] Jeff Jianxin Yan and Alan F. Blackwell and Ross J. Anderson and Alasdair
Grant. Password Memorability and Security: Empirical Results

No comments: