• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Question with passwords

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Programming and More

View previous topic :: View next topic  

Which is safer?
A random 32char long password
0%
 0%  [ 0 ]
Two random 16char long passwords (like a username and a password)
75%
 75%  [ 3 ]
They're the same
25%
 25%  [ 1 ]
Total Votes : 4

Author Message
kevinevans
Just Arrived
Just Arrived


Joined: 11 Aug 2010
Posts: 0


Offline

PostPosted: Wed Aug 11, 2010 9:41 pm    Post subject: Question with passwords Reply with quote

I'm writing a lightweight accounting system, and I'm wondering which is safer to use (I only want to use 32chars):
- A random 32char long password
- Two random 16char long passwords (like a username and a password)

I keep thinking they're the same, but I'm thinking that the 2nd option is safer.

Thanks

PS: by random, I mean [0-9A-Za-z] (62 chars)
edit: Added a poll, incase somebody is too lazy to post in the thread Wink
Back to top
View user's profile Send private message
Fire Ant
Trusted SF Member
Trusted SF Member


Joined: 27 Jun 2008
Posts: 3
Location: London

Offline

PostPosted: Sat Aug 14, 2010 5:44 pm    Post subject: Reply with quote

Sorry to shoot you down, but....

Maybe you shouldn't have posted this as a poll. I hate polls and surveys because they limit your answers. Am I to pick whats best out of your 3 suggestions? TBH, your suggestions are great and the question you pose is very generic. I mean, what is safer? What do you mean? Safer for who?

One of your suggestions is...hoe can I put this nicely, very misleading.
Quote:
Two random 16char long passwords (like a username and a password)


Whats the difference between this and a 32char random password? Is the user name random? If so then option 1 and 2 are the same?

I think you are limiting yourself here. Maybe you could put some more context around this. Is this for a machine/service account or a user account? etc

Very Happy

Fire Ant
Back to top
View user's profile Send private message
hitech
Just Arrived
Just Arrived


Joined: 23 Aug 2010
Posts: 0


Offline

PostPosted: Fri Sep 03, 2010 8:48 am    Post subject: Reply with quote

I also think that 2nd is batter way.
Back to top
View user's profile Send private message
blackandwhitebg
Just Arrived
Just Arrived


Joined: 18 Oct 2010
Posts: 0


Offline

PostPosted: Mon Oct 18, 2010 3:11 pm    Post subject: Reply with quote

If the attacker is using Brute Force 2 x 16 chars is much more secure in case the user name is unknown.
Back to top
View user's profile Send private message
izang
Just Arrived
Just Arrived


Joined: 11 Oct 2010
Posts: 0
Location: Philippines

Offline

PostPosted: Tue Oct 19, 2010 5:38 am    Post subject: Reply with quote

I think your options are kind of the same. But If I were to choose between the two, I think I'll prefer to use number 2 strategy for my password.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Programming and More All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Looking for more Windows Networking info?

Sign up to the WindowsNetworking.com Monthly Newsletter, written by Enterprise Security MVP Deb Shinder, containing news, the hottest tips, Networking links of the month and much more. Subscribe today and don't miss a thing!
View a sample newsletter.

Become a WindowsNetworking.com member!

Discuss your Windows Networking issues with thousands of other Windows Newtorking experts. Click here to join!

Community Area

Log in | Register

Readers' Choice

Which is your preferred data recovery solution?

Follow TechGenix on Twitter