Log in

View Full Version : Subsembly Password Generator 1.0 Released


Jon Westfall
07-29-2006, 01:00 PM
<div class='os_post_top_link'><a href='http://subsembly.com/en/passwordgenerator.html' target='_blank'>http://subsembly.com/en/passwordgenerator.html</a><br /><br /></div><i>"Come up with new passwords quickly and easily by using the SubsemblyŽ Password Generator on your Windows Mobile device. According to your preference, the application suggests passwords that are very secure or that are readable and easy to remember. Whatever you choose, the actual cryptographic strength and thus the security of the password is clearly shown. The Subsembly Password Generator is Freeware."</i><br /><br /><img src=http://www.pocketpcthoughts.com/images/web/2003/SubPass_en_240x240.gif><br /><br />Password generators can sure come in handy when you have to assign passwords to users who don't always chose the best password. While $DG@Z23a91 might be a pain for them to remember, it works well from a security angle. Subsembly has just released their freeware password generator, so if you don't already have an application with a password-generator built in, check it out. Your users will simultaneously love and hate you for it!

ctmagnus
07-29-2006, 11:49 PM
This beats vxUtil's password generator for eye candy. And the strength indicator looks handy!

But ultimately the biggest factor to do with password strength is the human factor. I recently signed my dad up for a 4SmartPhone account and set a nice, strong password for him. What does he do? He makes labels of the password and sticks one on the monitor and one on the laptop, because the password was too "difficult" for him to remember. :roll:

patrickj
07-30-2006, 02:24 AM
Is the screenshot inaccurate then??? If the app is suggesting that 8 characters, all lowercase letters, is *strong*, then that is a JOKE and is providing serious misinformation to its users ...

Darius Wey
07-30-2006, 03:24 AM
Is the screenshot inaccurate then??? If the app is suggesting that 8 characters, all lowercase letters, is *strong*, then that is a JOKE and is providing serious misinformation to its users ...

I don't think it's saying that the password is "strong". The graphical indicator is halfway between "weak" and "strong", which is about right for an eight character password based solely on lowercase letters.

patrickj
07-30-2006, 05:52 AM
Yeah, my bad on looking at the slider wrong initially. But ... 8 lowercase characters is not halfway anything - that is a VERY weak password. In fact, anything below 10 (and MUCH better above 15) is trivially easy to crack - and that's even if it is 'complex', nevermind simple like that example.

Is the screenshot inaccurate then??? If the app is suggesting that 8 characters, all lowercase letters, is *strong*, then that is a JOKE and is providing serious misinformation to its users ...

I don't think it's saying that the password is "strong". The graphical indicator is halfway between "weak" and "strong", which is about right for an eight character password based solely on lowercase letters.

subsembly
07-30-2006, 09:01 AM
Hi,

you are right, a 8 letter lower case passord is pretty weak. Unfortunately my indicator may suggst otherwuse, however, the red colored number of bits really means weak. With a string enough password the number of bits turns green. I guess I should improve the display.

On the other hand. A 8 letter lower case password is really string enough for most online services, newsletters, forums, etc. This is because you usually do not have access to the server, other then trying to log in. But doing so quickly blocks your access after some false attempts. So if you have only a handful guesses before the account is blocked, then an 8 letter lower case password really cuts it more than enough.