During a recent password audit by Google,
it was found that a blonde was using the following password:

"MickeyMinniePlutoHueyLouieDeweyDonaldGoofyMelbourne"

When asked why she had such a long password, she rolled her eyes and said:

"Hello! It has to be at least 8 characters
long and include at least one capital."

nice to know that Google can read encrypted passwords. :-P

hmm.

its not really safe in internet..
but for that case, gives a lil tickling joke...

but again, Melbourne is not a capital i guess.. :)

edit: is this really a google password audit or a blonde iq test?

lol, excellent

Melbourne is not a capital.

The capital of Australia is Canberra

BONUS !!

Actually, its far more safer to have a password oomposed of three words or numbers you can remember. Like RhinoFallWine86

HENCE MAKING THE BLONDE JOKE EVEN FUNNIER!

No it's not.

It's a safe assumption that the vast majority of people will choose words from their own language, and that this language is not difficult to determine. In my case, English.

There's right around 200,000 words in English... but most people's working vocabularies are between 5,000 and 6,000 words. Since the whole point of choosing words is to make them easier to remember, it seems reasonable to assume that the words will have to come out of this working vocabulary.

6,000^3 = 216,000,000,000 possibilities.

With a number included (let's say anywhere from 1-100 since yours was 86), 216,000,000,000 * 100 = 21,600,000,000,000 possibilities.

But, of course, we can't assume placement of the number, it could be at the beginning or between words too, so 21,600,000,000,000 * 4 = 86,400,000,000,000

Now, for comparison, a randomly generated 8 character password has 26 letters, 10 digits, and 32 special characters to choose from (I just counted the characters I can get on my standard qwerty keyboard with one key stroke, or shift+1 key stroke).

That's 68 characters.

The standard length of a password is 8 characters.

68^8 = 457,163,239,653,376 possibilities.

This means that a standard 8 character random password is right around 5 times as secure as your suggestion. Of course, no one suggests 8 character password, the most common suggestion for anyone security minded is a 12 character random password.

68^12 = 9.775*10^21

That's a little over 100,000x as many options as your method.

-Fooglmog
Guy with no clue.

I KNOW! HILARIOUS, ISN'T IT? I MEAN... CHARACTERS! HAHA! CAPITAL! ROFL!

AH, BLONDES.

@fooglemog: xkcd would disagree with you:P

http://xkcd.com/936/
just string more words together. Easier to remember:p

Ty martian. Precisely the point (and source) I was referencing!

While we are on the subject of security and cracking...

Even Google was hacked.

http://www.businessinsider.com/...f-a-job-interview-2012-10

xkcd's suggestion is just an incremental step, and it has one fatal flaw which Gut so poignantly demonstrated here.

Going from "troubador" to "Tr0ub4dor&3" was one incremental step. Going from "Tr0ub4dor&3" to "correcthorsebatterystaple" may be the next. But a series of random characters will always be the most secure option.

This becomes especially so when people don't understand the concepts involved. Instead of suggesting the 4 common words of the comic, which is more secure than "Tr0ub4dor&3", Gut suggested 3 words plus a number. It turns out, that this method is actually within only a couple layers of entropy of the original "Tr0ub4dor&3" method.

I don't know why Gut did this (maybe he thought adding a number would make it better?), but the point is he did -- presumably without realizing he was sacrificing the supposed improvement in security. This is going to be an on-going concern with this method... I'd expect a majority of people forced to adopt it wouldn't be able to resist making their words into a phrase; "bobhateshisjob", for example.

Now, I don't really think everyone ought to understand the underlying concepts. But this is why a method which is as mistake-proof as possible is best. 8-12 random characters is fairly unambiguous... either you do it (and get the security benefit) or don't (and don't). But you don't get people trying to find ways to improve on the security and make it worse (like Gut did) or try to be clever while still thinking they're within the "rules".

-Fooglmog
Guy with no clue.

Good old blonde jokes.

Lol

My friend once used a 24-letter chemical name

lovely

Not only a blonde test, but a nerd test too it seems. Hehe

true serpentor

lol nice joke should have left it @ that without all the tech(impressive formula by the way Fooglmog). also Canberra is known to most as the capital(cause it is) but most ozzies like myself think Canberra is more of a parliament capital and Melbourne as our capital mayb this is where ppl get the common misconception :)

Grau random words have worked well for me. 16 charcters

bonus

Geez, ducko resurrected this thread. LOL Necrophiliac!