Why it's ridiculously dumb having a 100% random password

Topic: Why it's ridiculously dumb having a 100% random password (Read 8118 times) previous topic - next topic

0 Members and 7 Guests are viewing this topic.

Re: Why it's ridiculously dumb having a 100% random password

Reply #60 – 13 January 2023, 11:38:06

Verified that 221... or 31.... etc and do not even come close to 21111...The more rep. progressively they start belonging to weaker and
weaker BBP's 10/100/1000 and eventually /gillions x weaker

All we need is to see where is the flipping point where LSP jumps from 11111111.. to 2111111.. that's bout it. And that I've already
covered by calc. both of those A(T,S) and A[T,(S-1)]*3(S-2) and see which one produces bigger numbers

Now I'm just showing another well known example, a simple 4 digit PIN (0-9)

Text file can be downloaded for better grasp of it

Now look with your own eyes what it means to generate your PIN randomly

First 6266 randomly generated PIN belongs to a BBP (3100) that has only 360 possible variants. But you can see another even worse PIN 5566 that has a BBP (2200) even weaker 270 variants.
Also you can notice most of the random PIN's has 1 rep number that correspond to 2nd best BBP. Couple of others indeed belong to the 1st Ranked BBP. But the point already was proven.

Random means random and not secure. Nobody would want to randomly generate a PIN that is roughly 19x weaker and for what lol
There is no RATIONALE in choosing passwords/pins or any other security related components thru Lotteries/Coffee guessing/nor
other Enchantments or voodoo or stupid shit like that.

🚫🚫🚫 RANDOM PASSWORDS 🚫🚫🚫 ARE A GOOD RECIPE FOR DISASTER ‼️‼️‼️‼️

🚨 🚨 🚨 DO NOT GENERATE HAZARDOUSLY PASSWORDS FOR SECURITY REASONS BUT ONLY FOR FUN 🚨 🚨 🚨

Re: Why it's ridiculously dumb having a 100% random password

Reply #61 – 13 January 2023, 23:02:55

How come so many of your randomly generated passwords shown have duplicated numbers, if there is a much greater number of possibilities that do not? Is the random generator malfunctioning?

Re: Why it's ridiculously dumb having a 100% random password

Reply #62 – 14 January 2023, 03:16:38

Quote from: Surf3r – on 13 January 2023, 11:38:06

Random means random and not secure.

It is stupid not to use a password generator.

Code: [Select]

cat /dev/urandom | tr -dc '[:digit:]' | fold -w 4 | head -n 20

Re: Why it's ridiculously dumb having a 100% random password

Reply #63 – 14 January 2023, 09:27:05

Quote from: Surf3r – on 13 January 2023, 11:38:06

🚨🚨🚨 DO NOT GENERATE HAZARDOUSLY PASSWORDS FOR SECURITY REASONS BUT ONLY FOR FUN 🚨 🚨 🚨

That utterance is possibly closer to a randomly generated password than it is to a coherent English sentence

Re: Why it's ridiculously dumb having a 100% random password

Reply #64 – 14 January 2023, 10:21:50

@####### It's not malfunctioning it's what random things really are. Remember we don't want a probable security. We need a strong security. The reason the guys blindly search for the "PERFECT RANDOMNESS' it's because they can see the short comings of their dumb model but put it on the back of a "NOT PERFECTLY ENOUGH RANDOMNESS". Which doubles their stupidity and brings it thru the roof.

Nobody wants too much meteorology or lottery in their security. While my model offers best strength of a password, a random generated password offers only a probable security. I for one consider random-security as inadequate and anachronistic for the year 2023. It should have not be considered from the beginning.

If the phrase "It could be secure" is enough for you then keep it up. If not let's join together and mock and ridicule this METEOROLOGISTS that try to pass as Navy SEAL or SWAT or USAF.

METEOROLOGY/LOTTERY is not about SECURITY it's about the 🌦️ weather/luck 🍀. And even the weather, here and there are rumors, it can be changed

We have to re-think our encryption/kernels/memory randomization and everything random has to be ruled out as a deprecated concept.

@gripped it make perfect sense my fren you just reading it wrong. Or you just want to read it wrong

@lq you just proved that PROBABLE your password is secure. Nothing more. Why on earth you need PROBABLE and not full blown SECURE? But do not forget you generated a shit ton of PINs with 1 repetition which is second best and not the best so yours will be cracked faster 🤣. If PIN exceeds 5 digits then yeah you'll be good but how do you know for sure? Simple, follow my standards and you'll be good.

Re: Why it's ridiculously dumb having a 100% random password

Reply #65 – 14 January 2023, 11:04:48

Quote from: Surf3r – on 14 January 2023, 10:21:50

I for one consider random-security as inadequate and anachronistic for the year 2023. It should have not be considered from the beginning.

I see.

"Ceterum censeo M$ esse delendam"

Re: Why it's ridiculously dumb having a 100% random password

Reply #66 – 14 January 2023, 11:06:21

All that I want to add on this is if someone got inspired from this thread and wanna write an article or any other public assertion on what's being discussed here I would politely wanna ask them to specify somewhere visible: The source link from where they got inspired, Artix Community that made possible debating the subject and the User (Me) who opened this thread. Thanks and as usual, have an amazing day everyone.

Re: Why it's ridiculously dumb having a 100% random password

Reply #67 – 14 January 2023, 11:13:44

@lq It's a spoofed user agent in firefox. Already addressed that. It's "privacy.resistFingerprinting" flipped to true in firefox about:config advanced settings

Re: Why it's ridiculously dumb having a 100% random password

Reply #68 – 14 January 2023, 11:24:20

Quote from: Surf3r – on 14 January 2023, 11:13:44

@lq It's a spoofed user agent in firefox. Already addressed that. It's "privacy.resistFingerprinting" flipped to true in firefox about:config advanced settings

Going off the crazy (

) topic here but mine shows the same for the same reason. It's something I actually considered bringing up on here. That perhaps this 'OS' in the drop down should be user settable, or just not be there, as it it can't be reliably deduced from a user agent string. Once maybe but not any more. But in the end I decided not to bother. It amuses me that I'm shown as using Windows 10

Re: Why it's ridiculously dumb having a 100% random password

Reply #69 – 14 January 2023, 11:30:46

Quote from: Surf3r – on 14 January 2023, 11:13:44

@lq It's a spoofed user agent in firefox.

It's clear from your posts [not just here in the thread] that you're a m$ groupie, so your explanation doesn't really matter.

Re: Why it's ridiculously dumb having a 100% random password

Reply #70 – 14 January 2023, 11:46:54

Quote from: gripped – on 14 January 2023, 11:24:20

It amuses me that I'm shown as using Windows 10

I call that irony of fate, because I can't see any difference at all between KDE-Plasma and M$-Windows.

Re: Why it's ridiculously dumb having a 100% random password

Reply #71 – 14 January 2023, 11:57:27

Quote from: lq – on 14 January 2023, 11:46:54

I call that irony of fate, because I can't see any difference at all between KDE-Plasma and M$-Windows.

MS have certainly taken a lot of inspiration from Plasma

Re: Why it's ridiculously dumb having a 100% random password

Reply #72 – 14 January 2023, 15:06:43

Quote from: lq – on 14 January 2023, 11:30:46

It's clear from your posts [not just here in the thread] that you're a m$ groupie, so your explanation doesn't really matter.

First time when I've met linux was on my mobile and not on laptop or desktop surprisingly. It had a so called Maemo operating system, forked from debian. It was back in 2009 when @lq was 5 years old

You can call me a groupie of whatever you want but not a MS groupie. On laptop/desktop switched to Linux back in 2015. I consider MS Windoze a lame operating system for lazy and digitally unalphabetized users.

Re: Why it's ridiculously dumb having a 100% random password

Reply #73 – 16 January 2023, 10:23:38

   For the bitcoin/crypto enthusiast a warning ⚠️ ⚠️ ⚠️

   Bitcoin mnemonic phrase strength

   T - 2048 Total word list ; S - String length 12

   A(T,S)    A(2048,12)=5,27×10³⁹ NO rep.
   A[T,(S-1)]*3(S-2) A(2048, 11)*3*10=7,76×10³⁷    ONE rep.

   Repeating even ONE single word will degrade mnemonic phrase strength by a factor of roughly 68 times

   Recommendation would be to use at least 3 multisig (3, 5 or even 7 mnemonic phrases) and do not repeat any word
   from the word list in the same mnemonic phrase ‼️

   This is an approximation because the last word in a mnemonic phrase has to complete some sort of a checksum
   so it can't be just any word out of those 2048 but only some of those and so the requirement of having multisig wallet
   is even more necessary.

   For comparison a 63 long string from a Total of 94 symbols and chars with ONE rep.
   has about 7,56×10¹¹² possible variants and so it's far more secure (about 10⁷⁵ more secure) than a bitcoin mnemonic
   phrase because STRING length is longer vs Total chars number while Bitcoin mnemonic phrase length is only a tiny insignificant
   fraction 12 or 24 words out of 2048 total dictionary words.

   WARNING !!! 🚫 🚫 🚫 ⚠️ ⚠️ ⚠️
   DO NOT STORE BITCOIN ON A NON AT LEAST 3 MULTISIG WALLET MORE THAN COUPLE OF DAYS IF AT ALL !!!

   Better feel safe than sorry ☮️ ☮️ ☮️

Re: Why it's ridiculously dumb having a 100% random password

Reply #74 – 17 January 2023, 20:59:41

Quote from: Surf3r – on 14 January 2023, 11:13:44

@lq It's a spoofed user agent in firefox. Already addressed that. It's "privacy.resistFingerprinting" flipped to true in firefox about:config advanced settings

I wouldn't exactly recommend setting your useragent to windows if you're using Linux.

Any competent tracking system will figure out you're using X11/wayland, you telling you're on windows yet your windowing system is from Unix is the equivalent of strapping a giant neon sign to yourself with fireworks going off everywhere with just how unique you make yourself out to be.

If you really want a windows useragent, use an appropriate windows VM of if you're on Linux, my best guess would be to use a Linux Chrome ( not chromium ) useragent.