[LINK] Guidance re Passwords

Gordon Keith gordonkeith at acslink.net.au
Wed Jul 27 09:51:45 AEST 2011


On Tue, 26 Jul 2011 06:22:11 PM eric scheid wrote:
> On 26/7/11 2:05 PM, "Gordon Keith" <gordonkeith at acslink.net.au> wrote:
> > Then always use the shift key when typing in numbers (you can't see them
> > anyway and funny characters are stronger than numerics):
> 
> No. Funny characters in _combination_ with numerics are stronger.
> 
> Otherwise it's like claiming a password in ALLCAPS is stronger than one in
> all lowercase.

Funny characters in combination with numerics is definitely stronger.

However, there seems to be plenty of examples where rainbow tables are 
generated for alphanumerics only because they can handle the majority of 
passwords and are small enough for current PC hardware, while rainbow tables 
for alphanumerics and funnies are still a little large for PC hardware.

So I would argue that shifting all your numerics does make passwords 
marginally stronger.

But I'm not willing to argue it's a big margin.

Regards
Gordon




More information about the Link mailing list