I'm interested in seeing what kind of different passwords schemes you guys use for maximum security. I know this may sound dumb to spill out here at WHT, but I'm just curious as how you go around password protecting your own web site, server, etc. Passwords are the first defense in keeping hackers and other malicious users from damaging documents. :D

My password scheme is rather simple. I just have a list of 4-5 passwords that I reuse on different occassions. Some passwords I keep for forums, other passwords I use rarely and only to protect my web site and such. Of course, my passwords become outdated (if there is such a thing for passwords) and I make up new ones every so often.

Completely random passwords with a comibnation of letters, numbers and symbols with both uppercase and lowercase characters. For better security use 10 or more characters.

I use a password generator.

:stickout:

New password every few days. The passwords are random...

WHT

EDIT - oops now everyone knows :D

I use a pretty simple one for my server pass...but for my online game we have a pass something like jf8*kj\df_=/#jJKJh93 THat makes it impossible to even crack because we use symbols and stuff in there. But most things like WHM and Cpanel wont let you use something like that. Luckly our game is programed by us so it works that way. Also one extra security mesure we use is you can only log in from our home ip's if we log in remotely from another IP we must use 5 diffrent passwords that are as long as that other.

I normally use a set a passwords that only have meaning to me. I would suggest never using a birthday date, middle name or something similar to that. But I do use to random passwords.

I use about 12 different combinations of letters/numbers that I have all memorized. :)

Some of them are just simple patterns on the keyboard. ;)

You can test your password strength here:

http://www.certainkey.com/demos/password/

Originally posted by Zutroy
You can test your password strength here:

http://www.certainkey.com/demos/password/
That doesn't seem to be a very useful tool since many passwords used have some english word in it (whether it be "wee", "uh", or "moo").

like im going to type my password into that box, i tried a few passwords that i found intresting heh

I checked out some of my old abandon passwords, and they were pretty good...

I do my passwords by looking around my room using the first figure (digit, number, etc) that catches my eye... Some of my passwords, I md5'em when I'm bored...

I choose completely random combinations of letters and numbers and of course, don't use the same password twice. I change them monthly, on average.

I decided to write a program and database to track each user name, password, date created or updated, notify me of 90 day old passwords, and site it went with along with a comments section. To be even more secure I encrypted the database and added a login password with a security feature to let me know when someone had tried to access the program. So I just make a random password each time and not worry about what the password is.

1pdj4klsL24D <- probably one of the best to use. This one would take about 837,483,540 days to crack

The problem I found was with people and what the hell do you do with the passwords and users names.

I would say 90% of the people don't change them ever.

45% write them down on paper and keep them in the desk.

55% use common passwords which they can remember

% all guesses could make a poll, LOL

I have kind of a generic password I use for forums, and a 23 character password I use for important things.

The generic password said it would take 0 days, important pw was 999,999,999..

smidwap - any password with a dictionary word in it will be easy to crack...that's the point of choosing a totally random password.

Originally posted by Zutroy
smidwap - any password with a dictionary word in it will be easy to crack...that's the point of choosing a totally random password.
Yes, I totally agree. Just I've found that I'm many of clients (as well as me for unimportant things) use common words along with letters and other numbers. I wouldn't want a client's site of mine to be easy to hack, as that could create problems in terms of legal content put on the site.