{"id":9387,"date":"2014-08-24T15:41:28","date_gmt":"2014-08-24T19:41:28","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=9387"},"modified":"2014-08-24T15:41:28","modified_gmt":"2014-08-24T19:41:28","slug":"choosing-secure-passwords","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2014\/08\/24\/choosing-secure-passwords\/","title":{"rendered":"Choosing Secure Passwords"},"content":{"rendered":"<p><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2014\/03\/choosing_secure_1.html\">Bruce Schneier<\/a>:<\/p>\n<blockquote cite=\"https:\/\/www.schneier.com\/blog\/archives\/2014\/03\/choosing_secure_1.html\"><p>This is why the oft-cited XKCD scheme for generating passwords -- string together individual words like &lsquo;correcthorsebatterystaple&rsquo; -- is no longer good advice. The password crackers are on to this trick.<\/p><p>[&#8230;]<\/p><p>Last year, Ars Technica <a href=\"http:\/\/arstechnica.com\/security\/2013\/05\/how-crackers-make-minced-meat-out-of-your-passwords\/\">gave three experts<\/a> a 16,000-entry encrypted password file, and asked them to break as many as possible. The winner got 90% of them, the loser 62% -- in a few hours.  It&rsquo;s the same sort of thing we saw in <a href=\"http:\/\/arstechnica.com\/security\/2012\/08\/passwords-under-assault\/\">2012<\/a>, <a href=\"https:\/\/www.schneier.com\/blog\/archives\/2007\/01\/choosing_secure.html\">2007<\/a>, and earlier.  If there&rsquo;s any new news, it&rsquo;s that this kind of thing is getting easier faster than people think.<\/p><\/blockquote>","protected":false},"excerpt":{"rendered":"<p>Bruce Schneier: This is why the oft-cited XKCD scheme for generating passwords -- string together individual words like &lsquo;correcthorsebatterystaple&rsquo; -- is no longer good advice. The password crackers are on to this trick.[&#8230;]Last year, Ars Technica gave three experts a 16,000-entry encrypted password file, and asked them to break as many as possible. The winner [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"","apple_news_api_id":"","apple_news_api_modified_at":"","apple_news_api_revision":"","apple_news_api_share_url":"","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[981,48],"class_list":["post-9387","post","type-post","status-publish","format-standard","hentry","category-technology","tag-passwords","tag-security"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/9387","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=9387"}],"version-history":[{"count":1,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/9387\/revisions"}],"predecessor-version":[{"id":9388,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/9387\/revisions\/9388"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=9387"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=9387"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=9387"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}