Password Rules for Administrators
Password rules:
  • The password must contain uppercase letters, lowercase letters, punctuation marks and numbers.

DO NOT ALLOW USERS TO CREATE/USE A PASSWORD WITH ONLY TEXT AND NUMBERS, because a password made of only numbers and text is very easy to crack.

  • Use punctuation marks to separate every word in the password. Example:
Dura, Lex, Sed, Lex.

Also, you can try this by @raedmasrii on 📷 Instagram (sorry, translation unavailable, language: Arabic)

  • Use some spelling mistakes in your password, so that if the hacker is trying to crack the password with rainbow tables or a dictionary, he wouldn't find the password. Example:
Duri Lax Saed Laex
  • Change a password after 6-12 months, or change it IMMEDIATELY after an attack.
  • Don't use the same password for different systems or different devices.
  • Verify the length of the password (so that if the hacker is using brute force, it would take a while).
  • Don't use words that are in a dictionary, so that if the hacker is trying to crack the password with rainbow tables or a dictionary, he wouldn't find the password.
  • Protect the screensaver with a password.
  • Don't share your password!
  • Don't write your password(s) in an Excel table, for example.

Example of a really strong password (do not use it! - The password was "dura lex sed lex"):

@Duk4, L5xs, S5df, L5x.f..
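
The rules above can be enforced at the moment a user sets a password. The following is an added example, not part of the original page: a checker for the character-class, length and dictionary rules, run over the page's own sample passwords. The 12-character minimum and the small wordlist are assumptions constructed for the example.

```python
import math
import string

# Assumptions for this example (not from the page): the 12-character minimum
# and this tiny constructed wordlist. A real deployment loads a large one.
MIN_LENGTH = 12
WORDLIST = {"dura", "lex", "sed", "password", "admin", "welcome"}

# The four character classes the first rule requires.
CLASSES = {
    "uppercase": string.ascii_uppercase,
    "lowercase": string.ascii_lowercase,
    "number": string.digits,
    "punctuation": string.punctuation,
}


def check_password(password, min_length=MIN_LENGTH, wordlist=WORDLIST):
    """Return the list of rule violations; an empty list means accepted."""
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    # Treat every non-letter as a separator so "Dura, Lex" yields dura, lex.
    letters = "".join(c.lower() if c.isalpha() else " " for c in password)
    hits = sorted({w for w in letters.split() if w in wordlist})
    if hits:
        problems.append("dictionary word(s): " + ", ".join(hits))
    return problems


def brute_force_bits(password):
    """log2 of the exhaustive-search space for this length and alphabet.
    It says nothing about dictionary attacks, hence the wordlist check."""
    known = "".join(CLASSES.values())
    used = sum(len(s) for s in CLASSES.values() if any(c in s for c in password))
    extra = len({c for c in password if c not in known})  # e.g. the space
    alphabet = used + extra
    return len(password) * math.log2(alphabet) if alphabet else 0.0


if __name__ == "__main__":
    # Sample passwords taken from the page.
    for pw in ("dura lex sed lex", "Dura, Lex, Sed, Lex.",
               "@Duk4, L5xs, S5df, L5x.f.."):
        print(f"{pw!r}: ~{brute_force_bits(pw):.0f} bits,",
              check_password(pw) or "accepted")
```
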

How to test a password?

1. https://www.passwordmonster.com/

See the result of the tested password on https://www.passwordmonster.com/:
46,000,000,000,000,000,000,000,000,000,000,000,000 years. LOL.

2. Cracking the SAM database with pwdump3 and John the Ripper

Downloads:
pwdump3: https://www.tarasco.org/security/pwdump_7/

Credits:

Creative Commons License