GET RID OF THE F****** CAPTCHA! - Page 2

GET RID OF THE F****** CAPTCHA!

Various things about Spring that do not fit in any of the other forums listed below, including forum rules.

Moderator: Moderators

User avatar
Forboding Angel
Evolution RTS Developer
Posts: 14673
Joined: 17 Nov 2005, 02:43

Re: GET RID OF THE F****** CAPTCHA!

Post by Forboding Angel »

Passwords should be no less than 12 characters using a mix of upper and lower case letters with numbers and symbols.

An easy way yo generate a secure password that is easy to learn and remember... Come up with a password of sufficient length, then, run it through a leet speek generator.
User avatar
SinbadEV
Posts: 6475
Joined: 02 May 2005, 03:56

Re: GET RID OF THE F****** CAPTCHA!

Post by SinbadEV »

Any password with non-keyboard-characters is essentially un-guessable (because the scripts didn't even try them) while being easy to remember... I once used a password with a ╬▓ in place of a B in a dictionary word for example.

The way to do this is to figure out the keystroke for the character.

for example if you have a password of "password§" you would type it as
p a s s w o r d ALT( 7 8 9 ) which is really easy to remember but is about 3 orders of magnitude less likely to be guessed.
User avatar
SinbadEV
Posts: 6475
Joined: 02 May 2005, 03:56

Re: GET RID OF THE F****** CAPTCHA!

Post by SinbadEV »

"mercury" on the other hand was pretty easy!
User avatar
smoth
Posts: 22309
Joined: 13 Jan 2005, 00:46

Re: GET RID OF THE F****** CAPTCHA!

Post by smoth »

Forboding Angel wrote:Passwords should be no less than 12 characters using a mix of upper and lower case letters with numbers and symbols.
if this was my bank and not some shit community maybe.
User avatar
Pxtl
Posts: 6112
Joined: 23 Oct 2004, 01:43

Re: GET RID OF THE F****** CAPTCHA!

Post by Pxtl »

smoth wrote:
Forboding Angel wrote:Passwords should be no less than 12 characters using a mix of upper and lower case letters with numbers and symbols.
if this was my bank and not some shit community maybe.
This. The system will punt any bot that keeps attempting over and over again. You want to be out of the first 10,000 guesses, not the first billion. Just don't be the low-hanging fruit, that's all.
User avatar
smoth
Posts: 22309
Joined: 13 Jan 2005, 00:46

Re: GET RID OF THE F****** CAPTCHA!

Post by smoth »

I am so confused by your post
User avatar
SinbadEV
Posts: 6475
Joined: 02 May 2005, 03:56

Re: GET RID OF THE F****** CAPTCHA!

Post by SinbadEV »

Hacker posing as SinbadEV wrote:"mercury" on the other hand was pretty easy!
Jerk Face... I hate you forever... I liked that password.
User avatar
Forboding Angel
Evolution RTS Developer
Posts: 14673
Joined: 17 Nov 2005, 02:43

Re: GET RID OF THE F****** CAPTCHA!

Post by Forboding Angel »

smoth wrote:
Forboding Angel wrote:Passwords should be no less than 12 characters using a mix of upper and lower case letters with numbers and symbols.
if this was my bank and not some shit community maybe.
I have 6 passwords of varying strength that I use. For most things I use 16 character mixed upper lower numbers and symbols, and that one is what I consider to be one of my less secure ones.

My paypal account is guarded by 20 characters same as above, and my most secure pass that I only use for one thing is 32 characters same as above (I hide all the midget on goat porn behind that one... oh and bank stuff :-)).

Basically if you wanna learn a new password, set it as your winbloze logon password. Within a few days you'll have it memorized.
User avatar
smoth
Posts: 22309
Joined: 13 Jan 2005, 00:46

Re: GET RID OF THE F****** CAPTCHA!

Post by smoth »

I have 8 and I use them on my email and bank for cycling

all my online games use the same password.
all my job search sites use the same ones.

only spring sites get bullshit passwords because this place is filled with dicks I never expose my bank or email cycle passwords to this ass filled sandwich.

this site doesn't warrant using good password.
User avatar
knorke
Posts: 7971
Joined: 22 Feb 2006, 01:02

Re: GET RID OF THE F****** CAPTCHA!

Post by knorke »

grrr grrr my password is 123 grrr grrr take that spring :regret: :shock: :roll:

so uhm lately i did not get the captcha anymore i think this means they have my password now?
User avatar
Pxtl
Posts: 6112
Joined: 23 Oct 2004, 01:43

Re: GET RID OF THE F****** CAPTCHA!

Post by Pxtl »

You have no idea teh rage-face I had when I found my bank had a 12-char password limit
User avatar
Wombat
Posts: 3379
Joined: 15 Dec 2008, 15:53

Re: GET RID OF THE F****** CAPTCHA!

Post by Wombat »

Image
and plz no longer pass, my brain wont handle...
User avatar
smoth
Posts: 22309
Joined: 13 Jan 2005, 00:46

Re: GET RID OF THE F****** CAPTCHA!

Post by smoth »

longer pass means diddle. If it is a bot, it has all the time in the world. Unless you move to a full sentence you are just wasting time. Even then all the bot has to do is be more aggressive and use a few more zombies and boom now the bandwidth is choked as well. Just fing get over it, there is no such thing as security.
User avatar
momfreeek
Posts: 625
Joined: 29 Apr 2008, 16:50

Re: GET RID OF THE F****** CAPTCHA!

Post by momfreeek »

err, actually seeing as each additional character multiplies the number of potential combinations by >50 increasing length of password is very effective. +3 letters = 50*50*50 = 12500 x more power needed to crack. If it took one PC at 8 letters it takes 100 million pcs at 14 letters.
User avatar
MidKnight
Posts: 2652
Joined: 10 Sep 2008, 03:11

Re: GET RID OF THE F****** CAPTCHA!

Post by MidKnight »

A fun read:
http://www.codinghorror.com/blog/2007/0 ... cking.html

The verdict?
Use lots of letters, use symbols, make sure your software is solid.
Oh, and send me a copy of the password, too. :regret:
User avatar
momfreeek
Posts: 625
Joined: 29 Apr 2008, 16:50

Re: GET RID OF THE F****** CAPTCHA!

Post by momfreeek »

these rainbow tables are only useful if you have the hashed password values aren't they? which would mean the server is already compromised.
User avatar
knorke
Posts: 7971
Joined: 22 Feb 2006, 01:02

Re: GET RID OF THE F****** CAPTCHA!

Post by knorke »

if i understand this correct, yes.
They can turn passwords that are stored encrypted into readable passwords but you still have to steal the encrypted passwords first.
And if they are encrypted with a slightly algorithm, the rainbow tables will not work either. You would have to generate new tables with this algorithm and seeing how these tables are multiple GB large, that would take some time i think. And you would have to know the used algorithm too.
SirMaverick
Posts: 834
Joined: 19 May 2009, 21:10

Re: GET RID OF THE FUCKING CAPTCHA!

Post by SirMaverick »

knorke wrote:lol@move from "Development" to "General".
shouldnt this be in "Site content"?
It's neither about spring development nor about site content.
knorke wrote:They can turn passwords that are stored encrypted into readable passwords but you still have to steal the encrypted passwords first.
And if they are encrypted with a slightly algorithm, the rainbow tables will not work either. You would have to generate new tables with this algorithm and seeing how these tables are multiple GB large, that would take some time i think. And you would have to know the used algorithm too.
They steal encrypted passwords but don't look at algorithm? Unlikely.
User avatar
knorke
Posts: 7971
Joined: 22 Feb 2006, 01:02

Re: GET RID OF THE F****** CAPTCHA!

Post by knorke »

They steal encrypted passwords but don't look at algorithm? Unlikely.
They steal encrypted passwords look at algorithm but don't directly manipulate the accounts or w/e?
Unlikely. :roll:

But even if you know the algorithm you can not (simply) get a readable password from a passwordhash. Afaik that is the purpose of hashs?
ie md5 algorithm is not secret:
http://en.wikipedia.org/wiki/MD5#Pseudocode
Only thing you can do is
knorke wrote:generate new tables with this algorithm and seeing how these tables are multiple GB large, that would take some time i think.
User avatar
Forboding Angel
Evolution RTS Developer
Posts: 14673
Joined: 17 Nov 2005, 02:43

Re: GET RID OF THE F****** CAPTCHA!

Post by Forboding Angel »

ITT, Holy Hand Grenade of Antioch.
Post Reply

Return to “General Discussion”