Password

A password or Mdp is a means of Authentification to use a resource or a service whose access is limited and protected.

The password must be held secret to prevent that a third party, not - authorized, cannot reach the service. The password is a method among others to carry out an identity check. It is about a proof that one has and that one transmits to the body or the service charged to authorize the access. Technically, a password belongs to the authentifications known as “weak”.

In the Tale Ali Baba and the forty robbers of the Thousand and One Nights figure one of the most famous passwords: “ Sesame, opens! ”.

Constitution of a password

Generally, a password consists of some letters, those forming a word, meaning or not. However, it can also include/understand spaces or punctuation marks, so that it can be a question then of a sentence.

The quality and the length of the password are crucial factors for safety. A password too short or coming from a dictionary is likely to be attacked via a research in a table containing a list of passwords. In a more systematic way, a Attaque by rough force tries all the possibilities and, with sufficient time, it is theoretically possible to find the password. A compromise is the Table rainbow, an improvement of the principle of the Compromis time-memory.

For these reasons, it is recommended to employ rather long passwords (at least eight characters), whose contents are without precise significance, with a mixture of letters, special figures and characters such as for example  : 83Kal2) H . A password such as avion12 will be likely great to be found thanks to the combination of an attack per dictionary and exhaustive research. The constraints concerning the length of the password and the type of contents depend however computing systems and recommendations installation by the administrators.

Limits with the security by password

It should not however not be believed that a long password and without significance is pledge of safety. For example, a file Excel, or Word which one believes protected will be most of the time instantaneously open with a software of ace: the reason is that the encoding chosen by defect by these programs is a weak encoding (40 bits). In this case, as long as is the password, it will be found instantaneously by a software of ace. Other software can trap the naive user: for example, those which propose to memorize the passwords and do not protect them, such Firefox 1.5 which proposes by defect, the option to post in light all the memorized passwords!

A robust password does not guarantee safety because this one depends on the environment of use:

• algorithm of encoding used weak;
• presence of software spies recording what is typed with the keyboard ( keyloggers );
• video recording of the user;
• systems not limiting the number of attempts;
• systems which do not introduce dissuasive times between each test.

See too

• Breaking of password

• Attack by rough force
• numerical Signature
• Computer security
• asymmetrical Cryptography
• Phishing
• strong Authentification
• LM hash

External bonds

• Programme which generates passwords, evaluates some and the robustness improves some;
• List of programs (generation, recovery, management of the passwords).

Random links:

1410s | Sequential color with memory | Peripheral of Toulouse | Batina | Richard Bull (musician) | Room 320 | Liste_de_matières_de_jardinage_et_agricoles_organiques

© 2007-2008 speedlook.com; article text available under the terms of GFDL, from fr.wikipedia.org