Are randomly-generated passwords starting with “a” less secure?
I generated a password recently for a new account and the first three characters were "aa1".
After exhausting all other attacks, a cracker would start brute forcing. On the assumption they'd start from "a", my password of "aa1" would be cracked faster than, say, "ba1", and that faster than, say, "za1".
This password was very long so this question is more theoretical than practical. (Unless password lengths are limited, of course...) Are my assumptions right about brute-forcing and passwords?
Tags: passwords, password-cracking
asked 9 hours ago by gnulynnux
Brute-force would probably be parallelized, so if you have 26 running attack instances, then the 1st starting lowercase letter does not change a thing, but the question is pretty interesting : )
– Xenos
8 hours ago
It depends on the total length and character set used; the more the merrier. You must make sure a rainbow attack is not viable; you should check out this rainbow table calculator: tobtu.com/rtcalc.php
– mootmoot
6 hours ago
2 Answers
It would seem that it depends on how exactly the attacker is going to bruteforce your password. However, my opinion is that in the end it doesn't matter.
A serious attacker will never start from the beginning in alphanumeric order, from aaaaaaaa to 99999999, unless they know they can do that in a reasonable time. If that's going to take them a thousand years, why should they use that method, knowing they will necessarily have to stop at, say, cccccccc? But if the attacker knows that they can try all the possibilities in a reasonable time, then it doesn't matter whether your password is among the first combinations or among the last, because in the end they will find it anyway (in a reasonable time).
Most passwords are still weak (say, your dog's name, plus maybe your date of birth, etc.) and the attackers don't like wasting too much time, let alone years to crack passwords. So what attackers normally do is use dictionaries and patterns. They will first try passwords like: pass123, 123pass, john90, john91, John92, JOHN93, suckmyd1ck, l1nux4dm1n, etc. If every attempt with dictionaries and patterns fails, they might move on and assume that the password looks truly random. How long will it take to try all the possible passwords? If that can be done in a reasonable time, they might try them all (for example from aaaaaaaa to 99999999). Otherwise if the attacker assumes that they will never be able to try them all, they might try to bruteforce the password with some random guesses (random strings, not ordered): 12hrisn589sjlf, 9f2jcvew85hdye, otnwc739vhe82b, etc. If the attacker is lucky they might find the password, sooner or later. However if the password is too strong, such that it would take them too many years to guess it, they had better give up or think of an alternative attack (phishing, shoulder surfing, keyloggers, etc.)
answered 7 hours ago by reed
Indeed, I think that's what it really comes down to - the hacker is well aware of what their hash rate is, and therefore what passwords they can crack in a reasonable amount of time. Bruteforcing the full search space is either possible in a reasonable amount of time or it isn't, in which case they won't bother and it won't matter.
– Conor Mancone
6 hours ago
Entropy is really the biggest concern, and entropy is determined by the amount of randomness in your password generation process.
Let's use an 18 character password as an example. We'll look at alphanumeric characters only (62 possible characters). This gives:
log2(62**18) = 107 bits of entropy
If you decide to always convert the first 3 characters to Z to make it harder to bruteforce then you have effectively removed 3 random characters from your password, leaving you with:
log2(62**15) = 89 bits of entropy
Which is about a factor of 1,000,000 weaker. Of course, both are still absolutely and completely impossible to brute force, so if someone is trying to brute force your password I wouldn't worry. However, it's worth emphasizing how impossible it is to brute force such a password (just in case my links didn't convince you). A top of the line MD5 hashing rig can try 200 billion hashes per second. It's blazing fast (which is why MD5 isn't supposed to be used for passwords). Even your weaker password (when you replaced the first three characters with Z) has 7.6e26 possible combinations. At 200 billion hashes per second it will only take 120 MILLION years to try all password possibilities if the password was hashed with MD5. I don't think you have anything to worry about.
So, is it better to start with "higher" characters to make it harder for someone to brute force your password? Maybe, maybe not. It depends on how someone actually tries to crack the password (and there aren't any guarantees about what direction they might work in). Either way though, if you use a long random password, there is absolutely zero chance that it will get hacked. So I wouldn't worry about it. When it comes to passwords, length is king.
edited 7 hours ago
answered 8 hours ago
Conor ManconeConor Mancone
11.8k5 gold badges27 silver badges54 bronze badges
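As an added example (my own code, not part of the answer above), a short Python script that reproduces the answer's figures for an 18-character alphanumeric password with and without its first three characters fixed, and shows why the leading character only affects the attacker's workload under a strictly sequential guessing order. The 62-character alphabet and the 200 billion guesses per second rate are the values quoted in the answer; the functions and constants are my own names.

```python
import math
import string

# Constructed inputs matching the answer: 62 alphanumeric characters,
# an 18-character password, and the quoted 200 billion MD5 guesses/sec.
ALPHABET = string.ascii_letters + string.digits   # 62 characters
PASSWORD_LENGTH = 18
GUESSES_PER_SECOND = 200e9

def entropy_bits(alphabet_size: int, length: int, fixed_prefix: int = 0) -> float:
    """Entropy of a uniformly random password in which the first
    fixed_prefix characters were replaced by a constant (e.g. 'zzz').
    Those characters are known to the attacker, so they contribute 0 bits."""
    free = length - fixed_prefix
    if free < 0:
        raise ValueError("fixed prefix longer than the password")
    return free * math.log2(alphabet_size)

def search_space(alphabet_size: int, length: int, fixed_prefix: int = 0) -> int:
    """Number of candidates an exhaustive search must cover."""
    return alphabet_size ** (length - fixed_prefix)

def years_to_exhaust(space: int, guesses_per_second: float) -> float:
    """Time to try every candidate at a constant guessing rate."""
    return space / guesses_per_second / (365.25 * 24 * 3600)

def lexicographic_rank(password: str, alphabet: str) -> int:
    """0-based position of password in an a..z, A..Z, 0..9 ordered enumeration
    of all same-length strings: the string read as a base-62 number."""
    rank = 0
    for ch in password:
        rank = rank * len(alphabet) + alphabet.index(ch)
    return rank

def fraction_searched_before(password: str, alphabet: str) -> float:
    """Share of the same-length keyspace a strictly sequential brute-forcer
    tries before reaching password; the first character dominates. Under a
    randomised or mask-based order the expected share is 1/2 for any prefix."""
    return lexicographic_rank(password, alphabet) / len(alphabet) ** len(password)

if __name__ == "__main__":
    full = entropy_bits(len(ALPHABET), PASSWORD_LENGTH)
    weak = entropy_bits(len(ALPHABET), PASSWORD_LENGTH, fixed_prefix=3)
    print(f"18 random chars: {full:.0f} bits, first 3 fixed: {weak:.0f} bits")
    print(f"exact ratio 62**3 = {search_space(62, 18) // search_space(62, 18, 3):,}")
    space = search_space(len(ALPHABET), PASSWORD_LENGTH, fixed_prefix=3)
    print(f"years to exhaust the weaker space: {years_to_exhaust(space, GUESSES_PER_SECOND):.3g}")
    for pw in ("a" * 18, "z" * 18):
        print(pw[0], f"{fraction_searched_before(pw, ALPHABET):.3f} of keyspace tried first")
```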
This is a good answer. It may be improved by a brief discussion on Kerckhoff's Principle.
– Adonalsium
8 hours ago
More than 256 bits of entropy with only 18 chars and no symbols? That's surprising, I thought. Because in fact the calculation is wrong: it's not log2(18^62), but log2(62^18), which is 107 bits of entropy. Your general point (length is king) is good, but unfortunately the rest of your post is based on wrong calculations.
– reed
7 hours ago
@reed lol, this isn't the first time I've gotten those backwards...
– Conor Mancone
7 hours ago
@reed fortunately the correct numbers don't change the actual answer - it's just a lot less dramatic.
– Conor Mancone
7 hours ago
1
@Adonalsium I think that could be a good addition - I'll add something in when I have more time later.
– Conor Mancone
7 hours ago
brute-force would probably be parallelized, so if you have 26 running attack instances, then the 1st starting lowercase letter does not change a thing, but the question is pretty interesting : )
– Xenos
8 hours ago
It depends on the total length and character set used, the more the merrier. You must make sure a rainbow attack is not viable, you should check out this rainbow table calculator tobtu.com/rtcalc.php
– mootmoot
6 hours ago