In the wake of recent account compromises, including Associated Press and the rampant breaches orchestrated by the "Syrian Electronic Army", Twitter have recently released
2FA (2 Factor Authentication), which is a most welcome addition to
bolster users' security. It is not, however, the be-all and end-all:
users are still responsible for choosing strong, hard-to-guess
passwords. If your password is compromised, control of your account may
be lost to malicious actors.
While it's true that, given enough time and resources, all passwords
are crackable regardless of their complexity – a pass-string of 200
random characters is ultimately just as vulnerable to brute forcing as a
password containing just one character – the aim of a complex
pass-string is to make an attack chronologically infeasible. Let’s
first take a look at the total number of possible combinations for a
given base of elements:
…(read more)