Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Guides - Privacy & Security Tips
How secure is your password?
Message
<blockquote data-quote="viktik" data-source="post: 384599" data-attributes="member: 12848"><p>They keep hash database of passwords. Still they are not using SHA-3 (512bit).</p><p></p><p>Even if they have SHA-3 (512bit) hash database it won't work.</p><p>If i used "cat" as password then it would be very easy to crack. But i am using the hash value "B2FAF80C85BD36029DC3F804CBF439888FD1CA195AB0E3DECB872F8AA9EF767E4866186EBB8B5ECFA1237147A94775F8302648BE0FD0AE3A6EBBDF931F423360" as password. So normally they will be searching for hash value of this password, which will be "F1650CB4543DCC9E4B855541054295F43DE0CADAB9071D96187119855E136E743CE855E143258ED05348682416231CB7178A554D577B25600463DA21AEFA10EF" if SHA-3 (512bit) is used . They will never find the match.</p><p></p><p></p><p>How about doing multiple hash?</p><p>hashing "cat" gets "B2FAF80C85BD36029DC3F804CBF439888FD1CA195AB0E3DECB872F8AA9EF767E4866186EBB8B5ECFA1237147A94775F8302648BE0FD0AE3A6EBBDF931F423360"</p><p></p><p></p><p>hashing "B2FAF80C85BD36029DC3F804CBF439888FD1CA195AB0E3DECB872F8AA9EF767E4866186EBB8B5ECFA1237147A94775F8302648BE0FD0AE3A6EBBDF931F423360"</p><p>gets</p><p>"F1650CB4543DCC9E4B855541054295F43DE0CADAB9071D96187119855E136E743CE855E143258ED05348682416231CB7178A554D577B25600463DA21AEFA10EF"</p><p></p><p></p><p></p><p></p><p>[ATTACH=full]57090[/ATTACH]</p><p></p><p>hashing "F1650CB4543DCC9E4B855541054295F43DE0CADAB9071D96187119855E136E743CE855E143258ED05348682416231CB7178A554D577B25600463DA21AEFA10EF"</p><p>gets</p><p></p><p>"AE7F5C8C097A0F2C217BDF86F1992070D419C3E3DC6A90BA8A0C517716E9C3C1AB23D7E50FF248D2C78F4309B1C5F63A34FC5355F60B7BBD3EDFE4B330419684"</p><p></p><p>this final hash value will be used as password.</p><p></p><p>user needs to remember three things</p><ul> <li data-xf-list-type="ul">Easy word "cat"</li> <li data-xf-list-type="ul">The hash function SHA-3 (512bit)</li> <li data-xf-list-type="ul">Number of times hash was done : 3</li> </ul><p>Anyone trying to crack it using general method will fail, unless he knows all the three thing mentioned above</p><p></p><p>[ATTACH=full]57091[/ATTACH]</p><p></p><p></p><p></p><p></p><p>what if i concatenate all three hashes to get even more lenghty password : "B2FAF80C85BD36029DC3F804CBF439888FD1CA195AB0E3DECB872F8AA9EF767E4866186EBB8B5ECFA1237147A94775F8302648BE0FD0AE3A6EBBDF931F423360F1650CB4543DCC9E4B855541054295F43DE0CADAB9071D96187119855E136E743CE855E143258ED05348682416231CB7178A554D577B25600463DA21AEFA10EFAE7F5C8C097A0F2C217BDF86F1992070D419C3E3DC6A90BA8A0C517716E9C3C1AB23D7E50FF248D2C78F4309B1C5F63A34FC5355F60B7BBD3EDFE4B330419684"</p><p></p><p>this is 384 character password. it cannot be found in any database. Obviously it cannot be cracked.</p><p></p><p></p><p>hashing "cat" ten times using SHA-3(512 bit) we get hashes</p><p></p><p>cat</p><ol> <li data-xf-list-type="ol">B2FAF80C85BD36029DC3F804CBF439888FD1CA195AB0E3DECB872F8AA9EF767E4866186EBB8B5ECFA1237147A94775F8302648BE0FD0AE3A6EBBDF931F423360</li> <li data-xf-list-type="ol">F1650CB4543DCC9E4B855541054295F43DE0CADAB9071D96187119855E136E743CE855E143258ED05348682416231CB7178A554D577B25600463DA21AEFA10EF</li> <li data-xf-list-type="ol">AE7F5C8C097A0F2C217BDF86F1992070D419C3E3DC6A90BA8A0C517716E9C3C1AB23D7E50FF248D2C78F4309B1C5F63A34FC5355F60B7BBD3EDFE4B330419684</li> <li data-xf-list-type="ol">CBBA91B52162FE79666609C0178C3AD043837EA95FBF30D5834D30B7FC4A7C5CC85B040B7DCDEAAAB24EB4DA030A22EC9C3E40B5377C99C1DEAA894970934D09</li> <li data-xf-list-type="ol">208385B1E83A6879D10B274B8A42ADF9E54D515D9B14FB8FC939A39B0A38B1BE61DDEEBDA31845EACAE3BD094ABD75E272A97D68E22D25A275D6D0F84ECEB10E</li> <li data-xf-list-type="ol">8D95E1F68C0E10E1100F55858D78926BA7602CEA9417B358511346E2DE34A3F01DB89DE196E8A76F39660C6A0A28E0E93BF2796DF2040EAFFA549BB8D842EAEF</li> <li data-xf-list-type="ol">02E57A7DA1F486CDB62AD399123B5857969117CA79A9630B21C1C45913B4FBE4055AF1221E01FD748975DD64622556F187516131DCB5E4EC5CCD40B117C489D7</li> <li data-xf-list-type="ol">80E323CDB602CFF4C42005850F278C9A2CE05DB0035EB1EC75F837A57CEA9B2B0022050CA0623D56EABCF74E2FC2522F340103C94B175D83B4D5196C9150D6FB</li> <li data-xf-list-type="ol">EC0DFCFF56DD2C611F59E934FB3C3100E8AF474FEED754131E68CA76713D1797A7374F007BC610B625FBE2917941B6DE3E28F8E1751F51E2C3B4CEE7E0523406</li> <li data-xf-list-type="ol">6CE9EBE1C3BD3E85F5BE7695F8580EA842F66780343CFF578400D4D73AC3D23FF2BE6749481ED471A7CD97304CC6C16FC7EED959A7B56BEF7D3BB8AA5935B5F8</li> </ol><p></p><p>What if we concatenate hashes from 6 to 10 to get password</p><p>8D95E1F68C0E10E1100F55858D78926BA7602CEA9417B358511346E2DE34A3F01DB89DE196E8A76F39660C6A0A28E0E93BF2796DF2040EAFFA549BB8D842EAEF02E57A7DA1F486CDB62AD399123B5857969117CA79A9630B21C1C45913B4FBE4055AF1221E01FD748975DD64622556F187516131DCB5E4EC5CCD40B117C489D780E323CDB602CFF4C42005850F278C9A2CE05DB0035EB1EC75F837A57CEA9B2B0022050CA0623D56EABCF74E2FC2522F340103C94B175D83B4D5196C9150D6FBEC0DFCFF56DD2C611F59E934FB3C3100E8AF474FEED754131E68CA76713D1797A7374F007BC610B625FBE2917941B6DE3E28F8E1751F51E2C3B4CEE7E05234066CE9EBE1C3BD3E85F5BE7695F8580EA842F66780343CFF578400D4D73AC3D23FF2BE6749481ED471A7CD97304CC6C16FC7EED959A7B56BEF7D3BB8AA5935B5F8</p><p></p><p>This becomes 640 character password. Very hard to guess and obviously impossible to crack</p></blockquote><p></p>
[QUOTE="viktik, post: 384599, member: 12848"] They keep hash database of passwords. Still they are not using SHA-3 (512bit). Even if they have SHA-3 (512bit) hash database it won't work. If i used "cat" as password then it would be very easy to crack. But i am using the hash value "B2FAF80C85BD36029DC3F804CBF439888FD1CA195AB0E3DECB872F8AA9EF767E4866186EBB8B5ECFA1237147A94775F8302648BE0FD0AE3A6EBBDF931F423360" as password. So normally they will be searching for hash value of this password, which will be "F1650CB4543DCC9E4B855541054295F43DE0CADAB9071D96187119855E136E743CE855E143258ED05348682416231CB7178A554D577B25600463DA21AEFA10EF" if SHA-3 (512bit) is used . They will never find the match. How about doing multiple hash? hashing "cat" gets "B2FAF80C85BD36029DC3F804CBF439888FD1CA195AB0E3DECB872F8AA9EF767E4866186EBB8B5ECFA1237147A94775F8302648BE0FD0AE3A6EBBDF931F423360" hashing "B2FAF80C85BD36029DC3F804CBF439888FD1CA195AB0E3DECB872F8AA9EF767E4866186EBB8B5ECFA1237147A94775F8302648BE0FD0AE3A6EBBDF931F423360" gets "F1650CB4543DCC9E4B855541054295F43DE0CADAB9071D96187119855E136E743CE855E143258ED05348682416231CB7178A554D577B25600463DA21AEFA10EF" [ATTACH=full]57090[/ATTACH] hashing "F1650CB4543DCC9E4B855541054295F43DE0CADAB9071D96187119855E136E743CE855E143258ED05348682416231CB7178A554D577B25600463DA21AEFA10EF" gets "AE7F5C8C097A0F2C217BDF86F1992070D419C3E3DC6A90BA8A0C517716E9C3C1AB23D7E50FF248D2C78F4309B1C5F63A34FC5355F60B7BBD3EDFE4B330419684" this final hash value will be used as password. user needs to remember three things [LIST] [*]Easy word "cat" [*]The hash function SHA-3 (512bit) [*]Number of times hash was done : 3 [/LIST] Anyone trying to crack it using general method will fail, unless he knows all the three thing mentioned above [ATTACH=full]57091[/ATTACH] what if i concatenate all three hashes to get even more lenghty password : "B2FAF80C85BD36029DC3F804CBF439888FD1CA195AB0E3DECB872F8AA9EF767E4866186EBB8B5ECFA1237147A94775F8302648BE0FD0AE3A6EBBDF931F423360F1650CB4543DCC9E4B855541054295F43DE0CADAB9071D96187119855E136E743CE855E143258ED05348682416231CB7178A554D577B25600463DA21AEFA10EFAE7F5C8C097A0F2C217BDF86F1992070D419C3E3DC6A90BA8A0C517716E9C3C1AB23D7E50FF248D2C78F4309B1C5F63A34FC5355F60B7BBD3EDFE4B330419684" this is 384 character password. it cannot be found in any database. Obviously it cannot be cracked. hashing "cat" ten times using SHA-3(512 bit) we get hashes cat [LIST=1] [*]B2FAF80C85BD36029DC3F804CBF439888FD1CA195AB0E3DECB872F8AA9EF767E4866186EBB8B5ECFA1237147A94775F8302648BE0FD0AE3A6EBBDF931F423360 [*]F1650CB4543DCC9E4B855541054295F43DE0CADAB9071D96187119855E136E743CE855E143258ED05348682416231CB7178A554D577B25600463DA21AEFA10EF [*]AE7F5C8C097A0F2C217BDF86F1992070D419C3E3DC6A90BA8A0C517716E9C3C1AB23D7E50FF248D2C78F4309B1C5F63A34FC5355F60B7BBD3EDFE4B330419684 [*]CBBA91B52162FE79666609C0178C3AD043837EA95FBF30D5834D30B7FC4A7C5CC85B040B7DCDEAAAB24EB4DA030A22EC9C3E40B5377C99C1DEAA894970934D09 [*]208385B1E83A6879D10B274B8A42ADF9E54D515D9B14FB8FC939A39B0A38B1BE61DDEEBDA31845EACAE3BD094ABD75E272A97D68E22D25A275D6D0F84ECEB10E [*]8D95E1F68C0E10E1100F55858D78926BA7602CEA9417B358511346E2DE34A3F01DB89DE196E8A76F39660C6A0A28E0E93BF2796DF2040EAFFA549BB8D842EAEF [*]02E57A7DA1F486CDB62AD399123B5857969117CA79A9630B21C1C45913B4FBE4055AF1221E01FD748975DD64622556F187516131DCB5E4EC5CCD40B117C489D7 [*]80E323CDB602CFF4C42005850F278C9A2CE05DB0035EB1EC75F837A57CEA9B2B0022050CA0623D56EABCF74E2FC2522F340103C94B175D83B4D5196C9150D6FB [*]EC0DFCFF56DD2C611F59E934FB3C3100E8AF474FEED754131E68CA76713D1797A7374F007BC610B625FBE2917941B6DE3E28F8E1751F51E2C3B4CEE7E0523406 [*]6CE9EBE1C3BD3E85F5BE7695F8580EA842F66780343CFF578400D4D73AC3D23FF2BE6749481ED471A7CD97304CC6C16FC7EED959A7B56BEF7D3BB8AA5935B5F8 [/LIST] What if we concatenate hashes from 6 to 10 to get password 8D95E1F68C0E10E1100F55858D78926BA7602CEA9417B358511346E2DE34A3F01DB89DE196E8A76F39660C6A0A28E0E93BF2796DF2040EAFFA549BB8D842EAEF02E57A7DA1F486CDB62AD399123B5857969117CA79A9630B21C1C45913B4FBE4055AF1221E01FD748975DD64622556F187516131DCB5E4EC5CCD40B117C489D780E323CDB602CFF4C42005850F278C9A2CE05DB0035EB1EC75F837A57CEA9B2B0022050CA0623D56EABCF74E2FC2522F340103C94B175D83B4D5196C9150D6FBEC0DFCFF56DD2C611F59E934FB3C3100E8AF474FEED754131E68CA76713D1797A7374F007BC610B625FBE2917941B6DE3E28F8E1751F51E2C3B4CEE7E05234066CE9EBE1C3BD3E85F5BE7695F8580EA842F66780343CFF578400D4D73AC3D23FF2BE6749481ED471A7CD97304CC6C16FC7EED959A7B56BEF7D3BB8AA5935B5F8 This becomes 640 character password. Very hard to guess and obviously impossible to crack [/QUOTE]
Insert quotes…
Verification
Post reply
Top