Continue to Site

Welcome to EDAboard.com

Welcome to our site! EDAboard.com is an international Electronics Discussion Forum focused on EDA software, circuits, schematics, books, theory, papers, asic, pld, 8051, DSP, Network, RF, Analog Design, PCB, Service Manuals... and a whole lot more! To participate you need to register. Registration is free. Click here to register now.

Creating a secure algorithm for password storage/password generation, +encryption.

Status
Not open for further replies.

David_

Advanced Member level 2
Advanced Member level 2
Joined
Dec 6, 2013
Messages
573
Helped
8
Reputation
16
Reaction score
8
Trophy points
1,308
Location
Sweden
Activity points
12,236
Hello.

The impression I get from what I have read online is that if your password are still only made up of alphabetic characters(both lower-case and capitals) then you can pretty much be sure that your password is a quick match for any serious code-breaking machine.

I have been trying to come up with a system to ensure I have very good safety on all my passwords but I lack much knowledge about what it is that I need to defend my self from,
I build my passwords with special characters, both lower-case & capitalized letter and numbers, and they are about 15-25 characters long.

Now, Is it an acceptable habit to keep a encrypted document on my PC containing my passwords?

I know nothing about encryption so the following might be put in a funny way but I am using hexadecimal encoding with a aes256 cbc cipher, is that a good encryption?

A second option that I have been thinking about but not succeeded in creating is an algorithm which uses peace's of information from the site it is for/the context of what it's for to create a long enough password yet in a way that if I come back to the site a couple of weeks later and have no idea what the password is I could figure out what the password is since the algorithm to create a password would almost certainly yield the same password the second time as well.

Is any of this viable you think?

How do you try to ensure your password is not the weak link if I where trying to break into your account/network/treasure-chest or whatever?

I am sure I am not the first or the 1000th person to suggest this but how about storing your passwords in the Flash space of a tiny USB enabled microcontroller?
But then what would be the difference between that and buying a tiny USB stick and use that, good luck creating a USB memory in the same form factor and slick design as those tiny commercial manufactured USB sticks.

Regards
 

I have a small looseleaf book. One website per page with username and password (about 50 total). Since it's a bother to get it out every day, I made a similar text doc in English, in the clear. (Nobody but me is in this place.) For a while the doc was named 'my passwords 2015-05-22.txt', but one day I decided that would make it too easy for a burglar. So the current version is 'my plinguistic 2015-12-20.txt'.

If a remote attacker were to gain access and read through my hard disk, then I would indeed be in trouble.

I change my passwords whenever I hear there's been another data breech (via PCpitstop.com). I change mainly my financial related passwords. The letters are whatever object pops into my mind, followed by three numbers in a row at random. Windows offers to store my passwords but I tell it No regarding the financial ones.

I'm careful in about half the ways the recommendations advise us.
 

Status
Not open for further replies.

Part and Inventory Search

Welcome to EDABoard.com

Sponsor

Back
Top