Solidifying Passwords by Understanding Entropy

  • S07E04
  • October 22, 2013

Make your password much more challenging for computer programs to brute force by taking entropy into account when planning out your password. Don't worry, we explain in easy-to-grasp terms.

This episode is sponsored in part by: Eco Alkalines.

Topics Covered:

  • [4:56] Something that would have done really well on our nostalgic gamer episode: FullScreenMario
  • Greetings to our newly registered viewers.
  • [7:38] Thank you to all who have supported our crowdfunding campaign so far! We need your support. If everyone watching this episode gave just $2, we'd surpass our top goal.
  • [12:24] What Eric Kidd has been up to.
  • [13:52] Feature: Securing your password by understanding entropy.
    • Note: To avoid the overly complex mathematics of finding true entropy, we have designed some easy-to-understand samples for these demonstrations. Mathematically, they are not entirely accurate and do not take all variables into account; however, the facts demonstrated remain (e.g., the difference in strength between password types). This was done intentionally to simplify a very complex lesson.
    • Who we need to be most concerned about when it comes to our password strength.
    • Entropy is the measurement of the unpredictability of data.
    • Uncertainty influences entropy.
    • Some simplistic examples of how to understand the randomness of data.
    • What we generally think of as a strong password is in fact not strong at all. aT3!o5 would take a modern computer just fractions of a second to figure out.
    • Simple word-based passwords can be stronger against brute-force attacks than hard-to-remember random passwords. projectorfireplace would take a brute-force attacker 334 million years to guess (but only 4 days by dictionary attack; read below).
    • Adding random characters to the simple word-based password will strengthen it against dictionary-based attacks.
    • Figuring out the maximum number of tries it would take to brute-force your password.
    • Now that we've created a password that is strong against brute-force attacks, let's strengthen it so a dictionary attack has more trouble guessing your password.
    • Note: Based on what we've learned, a dictionary attack could figure out projectorfireplace in only 4 days (based on 1,000,000 words in the English language). So it is important to also add some protection against these types of attacks. pRojectorf1replace@&*monitor would take a modern computer up to 525 decillion years to crack. Not too likely to happen.
    • Use common sense and do not share your actual password when you test your password security with the How Secure Is My Password tool. Also check out GRC's "How Big Is Your Haystack" page.
    • Don't use the same password on more than one service.
  • [36:22] Top Stories from the Category5.TV Newsroom.
    • Removal of scar tissue from the heart may help patients with pending heart failure.
    • IsoHunt is shutting down and being hit with a $110m fine.
    • IBM is working on a computer architecture based loosely on the human brain, complete with “blood”.
    • Microsoft has done it again! Their latest upgrade to “fix” their OS has in fact broken it.
  • [43:33] Unboxing the new Roku 2.
    • Roku 1 and Roku 2 work with TVs with HDMI or composite connectors. Roku 3 only has HDMI.
    • Roku 2 and Roku 3 feature an in-remote headphone jack.
  • [51:20] Viewer Question: How much does Wirecast cost, and how can I obtain it in India? Do you prefer Windows or Mac OS for Wirecast? Is Mac or PC hardware better for broadcasting with Wirecast?
  • [57:54] Please support Category5 TV on our Indiegogo fundraiser. http://cat5.tv/studio
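
For the feature's "maximum number of tries" step, here is an added example (not code from the episode) that sizes the brute-force and dictionary search spaces for the three sample passwords in the notes above. The guess rate is an assumption of this example, so its time estimates will not match the figures quoted in the show; the 1,000,000-word dictionary size is the one the notes give.

```python
import math
import string

# Character classes an exhaustive search must cover once a password uses them.
# Characters outside printable ASCII are ignored by this simple model.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

DICTIONARY_SIZE = 1_000_000   # word count quoted in the show notes
ASSUMED_RATE = 1e9            # guesses per second: an assumption, not from the page


def charset_size(password):
    """Size of the alphabet an attacker has to try for this password."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def brute_force_guesses(password):
    """Maximum tries for an exhaustive search at the password's own length."""
    return charset_size(password) ** len(password)


def dictionary_guesses(word_count, dictionary_size=DICTIONARY_SIZE):
    """Maximum tries when whole words are guessed instead of characters."""
    return dictionary_size ** word_count


def entropy_bits(guesses):
    """Express a search-space size in bits."""
    return math.log2(guesses)


def years_to_exhaust(guesses, rate=ASSUMED_RATE):
    """Worst-case time to try every candidate at the assumed guess rate."""
    return guesses / rate / (365.25 * 24 * 3600)


if __name__ == "__main__":
    # (password, number of plain dictionary words it is built from, if any)
    samples = [("aT3!o5", None), ("projectorfireplace", 2),
               ("pRojectorf1replace@&*monitor", None)]
    for pw, words in samples:
        n = brute_force_guesses(pw)
        print(f"{pw}: brute force {n:.3e} tries, {entropy_bits(n):.1f} bits, "
              f"{years_to_exhaust(n):.3e} years")
        if words:  # pure-word password: the dictionary space is far smaller
            d = dictionary_guesses(words)
            print(f"  dictionary {d:.3e} tries, {entropy_bits(d):.1f} bits")
```

The gap between the two numbers for projectorfireplace is the reason the notes recommend adding mixed case, digits and symbols to a word-based password.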
