Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Why shouldn't a colon (:) be used in a secure password?
- Thread starter weigoldk
- Start date
iSeriesCodePoet
Programmer
Or there might be a program reason for it. iSeriesCodePoet
IBM iSeries (AS/400) Programmer
![[pc2]](/data/assets/smilies/pc2.gif "[pc2] [pc2]")
IBM iSeries (AS/400) Programmer
- Thread starter
- #5
This is just one of many examples I found on the net--notice number 3.
A secure password
1.is at least six but no longer than eight characters
2. contains numbers, punctuation and upper- and lower-case letters
3. does not contain a colon
)
4. does not contain your user ID or anyone's name, either forwards or reversed
5. does not contain any string of characters associated with you (your licence plate, your telephone number, etc.), either forwards or reversed
6. is not a word that can be found in any dictionary (English, French, Spanish, biographical, specialized, etc.), either forwards or reversed
A secure password
1.is at least six but no longer than eight characters
2. contains numbers, punctuation and upper- and lower-case letters
3. does not contain a colon
)4. does not contain your user ID or anyone's name, either forwards or reversed
5. does not contain any string of characters associated with you (your licence plate, your telephone number, etc.), either forwards or reversed
6. is not a word that can be found in any dictionary (English, French, Spanish, biographical, specialized, etc.), either forwards or reversed
- Thread starter
- #6
To put some meat into this discussion, let me tell you why I decided to post the question.
1. I've been asked to put on a security discussion for my company. I don't want to put something into the discussion that I can't justify (ie not using a colon in a password), yet since I've seen it so may times, I don't want to leave it out if it has merit.
2. There is another character that I've heard is VERY secure in NT passwords. I once attended an NT security conference that said the password crackers at that time could not crack a password if this particular character was used first. I was wondering if there was something "magic" about a colon that made a password equally unsecure. Since the security conference was several years ago, I'm sure the crackers have discovered a way to crack the once very secure character.
1. I've been asked to put on a security discussion for my company. I don't want to put something into the discussion that I can't justify (ie not using a colon in a password), yet since I've seen it so may times, I don't want to leave it out if it has merit.
2. There is another character that I've heard is VERY secure in NT passwords. I once attended an NT security conference that said the password crackers at that time could not crack a password if this particular character was used first. I was wondering if there was something "magic" about a colon that made a password equally unsecure. Since the security conference was several years ago, I'm sure the crackers have discovered a way to crack the once very secure character.
You could test it by setting up some accounts and then using L0pht (now @stake) LC4 program to try and crack the passwords.
I found out (by accident) that '\' or '/' is pretty secure.
===============
Security Forums
I found out (by accident) that '\' or '/' is pretty secure.
===============
Security Forums
- Status
Similar threads
- Locked
- Question