Password complexity recommendations : “xez&pAxat8Um” or “P4$$w0rd!!!!”? / Martin Salois.: D68-2/27-2014E-PDF
The password-cracking world is in turmoil. Many new technologies, such as graphic cards (e.g., NVidia CUDA or ATI/AMD GPUs), make easily available computing power that was previously reserved to very rich organizations. Many efficient tools followed using these technologies, for better or for worse. This report illustrates the type of performance one can obtain from a generic $2,000 computer and the lessons to learn on password length for different web sites and software programs. The larger conclusion is that an 11-character password, containing uppercase-lowercase-digits-symbols, is the ideal length for the foreseeable future when no other information is available. More characters are always better; less can be dangerous in the current state of the technology. The use of a password manager, a program that generates and manages strong, complex passwords, is strongly recommended.
Permanent link to this Catalogue record:
publications.gc.ca/pub?id=9.807269&sl=0
| Department/Agency | Canada. Defence R&D Canada. |
|---|---|
| Title | Password complexity recommendations : “xez&pAxat8Um” or “P4$$w0rd!!!!”? / Martin Salois. |
| Series title | Scientific report ; 2014-R27 |
| Publication type | Series - View Master Record |
| Language | [English] |
| Format | Electronic |
| Electronic document | |
| Note(s) | October 2014. Includes bibliographical references. |
| Publishing information | [Ottawa] : Defence Research and Development Canada, 2014. |
| Author / Contributor | Salois, Martin. |
| Description | vii, 18, [2] p. : fig., tables. |
| Catalogue number |
|
| Departmental catalogue number | DRDC-RDDC-2014-R27 |
| Subject terms | Computer security |