Date registered: Aug 2005
Vehicle: 1972 250C, Ducati ST
Location: Norfolk, Virginia
Mentioned: 0 Post(s)
Quoted: 0 Post(s)
Think you have a strong password? Think again.
Here's a sobering thought for those of us that have dozens of passwords rattling around in our heads (or even worse - only one password for a bunch of different accounts/services).
I went into work today and found that my Windows NT account was disabled. I called the computer department and was told that during a periodic audit, my password had been cracked and that I would need to re-set my account using a "stronger" password.
I wouldn't have been surprised if I had been using my wife's name, my birthdate, or an extremely short/simple password, but that wasn't the case. Here's what my password WAS that they cracked:
Ten characters long, using uppercase, lowercase, a number and a punctuation mark. In addition, there was no sequence of letters that would have shown up in any dictionary, so they obviously cracked it using a brute-force attack.
The tech told me that the attack had been made easier because the number and punctuation marks were at the end of the password. Had the number and punctuation marks been interspersed with the letters throughout the password, it would have been much more difficult to crack.
I don't know what kind of software/hardware they used for the attack, or how long it took, but I've since replaced ALL of my passwords with much stronger ones. It was also a little sobering because since that was my password for the classified LAN, that was one of my stronger passwords to begin with.