Welcome to my blog. In here I hope to share with you tips, tricks, hacks and code that will make your life easier as a network administrator or general computer user. I come with a background in computer engineering and have worked for the past 12 years in the Library world as Manager of Library Systems. Even though some of my posts may be Library specific, most will be of use to all computer users.

If you have a tip that you wish to share with the group, please feel free send me your tip via email at my address rkisch@kischtech.com and I will include it here and give credit where credit is do.

Saturday, December 14, 2013

Test your passwords to see if it can be guessed by Microsoft's Telepathwords

A group of researchers at Microsoft and Carnegie Mellon have created a tool that guesses passwords in real time by predicting the next characters in your password. Microsoft has created this program as a way of helping users select better sequences of numbers, letters and special characters to protect their computers.  The system, called Telepathwords, works in the same way as a real attacker would by using its knowledge of common passwords or phrases used in security breaches and search queries. The system behaves like a search engine with predictive text, in that it will try to guess each character in your password before you type it or to complete your entire password by predicting the rest of the characters. 

The only weakness to Telepathwords is that it can not act like an attacker who knows more about you, so it can't try a password based on your birthday, a childs name or some other piece of information that could be gleaned from social engineering or dumpster diving. To protect you the contents of what you type in on the Telepathwords website are not kept and are encrypted on your browser.

So give it a try here and if it guesses your password, change it to something stronger by choosing a password with a combination of lower-case and upper-case letters, at least one number and at least one special character (!@#$%*) and have a lenght of at least 8 characters.