Security question - how safe is our password/account?
-
IF you go to the plethora of email accounts you will find many with passwords that are easily hacked because people use their pet names etc. This can be the case here or am I mistaken?
-
@MikeMike I had a test account with a weak password - only 16 characters - it got hacked.Brute forcing is possible, but if you use the wallet generated passwords, you're pretty safe. You can always append to the recommended one to make it even harder.
-
@Jumper tell me, and just me how you did it, or your post is just FUD and I'll delete this thread. If there is a reproducible way to compromise an account, tell me what it is.
-
@haitch and we will fix it :) or at least someone from devs :D
-
@Zeus From memory there are about 1,300 words in the wallet dictionary for generating passwords. That gives a password complexity of about: 3.15951902191631E+3485 - that's 3 followed by 3,485 0's possible passphrases. For comparison, the upper range for the number of atoms in the entire universe is around 1E+82
I'm too tired to do the math to work out how much more complex the possible passphrases are - but trust me, it's a friggin lot - more than the atoms in the universe ........
-
@haitch Good idea, just delete this, because it only just get people scared of things that should not be a concern, everyone knows that a freaking "123456" password is hackable, here and anywhere else.
Yes I know that there is A LOT of generated words possibilities, even with that it's extremely hard to get an active working burst wallet.
I still hold some pre-generated passphrases.
-
@Zeus I'll give @Jumper an opportunity to respond - but if he doesn't provide proof, then this is gone.
-
you can but you should not delete such threads!
@Jumper If you can and are able to do so, please help! Otherwise such a comment is just plain bashing!
And maybe, just maybe you've got that passphrase from someone accidentally pasting it into your local chat?!
A bit like you did some months back;-)
-
@haitch said in Security question - how safe is our password/account?:
@MikeMike I had a test account with a weak password - only 16 characters - it got hacked.Brute forcing is possible, but if you use the wallet generated passwords, you're pretty safe. You can always append to the recommended one to make it even harder.
This is the method I personally use "append the generated password" and saw they were so far bullet proof so added to them. For some reason I never use anything self generated if there is an option not to.
-
The auto generated passphrase with 12 words from the list of 1300 words is safe until the sun explodes. It has exactly an entropy of 128 bit. Everybody who is interested should look up "entropy 128 bit" for further information.
I can do this magic trick also:
http://burstcoin.biz/address/6578204074179904234
Tadaa
-
@daWallet I'm confident the wallet generated passphrase is safe - the one that got hacked was user (me) generated.
I'll be dead before my passphrases get hacked.
-
so he cant target hack anyone's wallet ... the best anyone could do is set up a prog running the known words in the DB for auto generate wallet and hope to get lucky with brute force.
-
@Gibsalot there are 10 ^ 3400 ( close estimation) potential password phrases - they will not be cracked in our lifetime
-
like the auto generated pass phrase i use the 12 word system and build upon it. for instance ... choose 3 songs take a string of lyrics from each combine them to make 1 string that sounds kinda funny but you can remember it, then proceed to add capital's and numbers however you see fit ...
-
@haitch @daWallet @luxe
Come on guys...
Just check at this moth******** account history,
Just FUDing the forums, just check tread names...edit: deleted that line ;)
Just delete it.
-
Some pretty good info in the above posts to put in the new thread/OP page possibly about the effectiveness of the self generated password and option to even add to that.
So, Thanks! to Elmer Fud... lol
-
@MikeMike said in Security question - how safe is our password/account?:
Some pretty good info in the above posts to put in the new thread/OP page possibly about the effectiveness of the self generated password and option to even add to that.
So, Thanks! to Elmer Fud... lolYou're right ... !
Just delete the guy! ;-)
-
@haitch said in Security question - how safe is our password/account?:
the one that got hacked was user (me) generated.
The account he got into was yours? I even thought that it could be an account of him LOL
I talked with @Zeus about this and i thought he could be done some reverse engeneering in the addresses but he explained me why that is not possible and i rest assured xD
-
@gpedro No - it happened about a year ago. Really insecure password, small miner - lost a few thousand Burst.
Hacking a "normal" passphrase is not realistic.
-
@haitch Oh ok so that address could even still belong to himself and he just wanted to plant the panic xD
I've seen some not good posts of @Jumper in the last few days what would explain a bit if he is just planting the panic xD



