Log in

No account? Create an account

Previous Entry | Next Entry

It’s finally happened. I knew it was just a matter of time.

Spammers are now guessing account passwords and using authenticated SMTP to send mail.

It’s time to make your password just a little better, folks.


( 5 comments — Leave a comment )
Jul. 20th, 2004 12:41 pm (UTC)
Last night with your gerbil I didn't need a password.

(I just had, to, you know...)
Jul. 21st, 2004 09:31 am (UTC)
I know. Yer mom told me.

Jul. 20th, 2004 06:50 pm (UTC)
Oh jeez.

But what constitutes a good password? I mean, is it a program guessing the passwords by trying all combinations -- to hit passwords like 5lJk2KmmN -- or is it a program using a list of words and numbers put together to hit passwords like "sally20"?

Jul. 20th, 2004 11:25 pm (UTC)
Well, since he said "guess", I would imagine it's just that. Guessing. Using "password", their last name, social securty number, date of birth, that sort of thing.

Or, I guess it could be brute force. Who's to say.
Jul. 22nd, 2004 12:19 pm (UTC)
5lJk2KmmN > sally20 > your dog's name > your birthday > your account name > test > nothing.

The break-in was having a password that was basically the account name.

I just had one on another server that was slightly harder, but not quite sally20 level.

Use a password that you are comfy with how secure it is.
( 5 comments — Leave a comment )