Best practices to generate a long and complex password? - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Best practices to generate a long and complex password? (/thread-10472.html) |
Best practices to generate a long and complex password? - MrWonderful - 11-22-2021 Hello, I have been playing with hashcat for the past weeks as I’m facing a challenge where I have to recover a password for a Multibit wallet (mode 22500) from an user that was referred to me. The password is likely to be long (from 15 to 20 characters) and to be made up of letters, digits and symbols. Phew! Fortunately, the letters and digits are not random. For his passwords, the user chooses words and numbers that have meaning to him and he has a rough idea of what he might have used for his wallet. (I say rough idea because he created his wallet in 2013 when he was inebriated!) Letter capitalization follows predictable and common patterns. The special symbols are trickier since they are random; however, it appears as if they are only 5 characters possible. Thus, I have two files: a list of words and a list of numbers. Now, say I would like to use them to generate a password with the structure below. Word 1 and Word 2 are taken from the same wordlist; same goes for Number 1 and Number 2.
RE: Best practices to generate a long and complex password? - Xanadrel - 11-27-2021 I would likely do something like that as well, so I don't feel like you're doing it wrong at all. You could maybe do it in steps, like for the first run do 0 starting special chars, then 1, 2, 3 (instead of doing a single run with the whole keyspace). RE: Best practices to generate a long and complex password? - MrWonderful - 11-29-2021 (11-27-2021, 07:47 PM)Xanadrel Wrote: I would likely do something like that as well, so I don't feel like you're doing it wrong at all.Thank you for the input. I'm surprised that they aren't many replies, so I presume that what I'm doing is indeed very much correct! |