How Much do you know about Cyber Security Quiz

Simply calculating the entropy for a given string is only part of the issue. As I mentioned previously, modern cracking techniques have some very clever algorithms for selecting strings to test, including where the password is used (e.g., Facebook passwords are more likely to follow a given pattern than, say, Technibble passwords; some demographics have more predictable passwords than others).

Entropy is good – and more is better – but is most significant for simple brute force attacks, which are not the first resort for cracking a password.
 
w/r/t entropy - of course it is only part of the equation, but it's the only reproducible way to compare any two given passwords without any other information. I did think about using the larger character set for the simpler password, but I was just trying to imagine how the test drafters might have done it. So using the smaller character set gives the worst case scenario answer. None of this takes into account the post-it stuck to the monitor with the password carefully written there.

I didn't count ASCII characters, but found a reference that said "all printable ASCII characters except space" = 94... might have been the Wikipedia article. Some systems let you enter extended characters, I imagine, that would be a nightmare to support.
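The estimate discussed in the post above, as an added example that is not part of the original thread: entropy in bits computed once with the smallest character pool the password fits in (the worst case) and once with the full 94-character printable ASCII set. The function names and the handling of a space as one extra symbol are assumptions made for this sketch.

```python
import math
import string

# Four classes that together make up the 94 printable ASCII characters (space excluded).
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]
FULL_SET = sum(len(c) for c in CLASSES)  # 26 + 26 + 10 + 32 = 94


def pool_size(password):
    """Smallest pool the password fits in: only the classes it actually uses."""
    size = sum(len(cls) for cls in CLASSES if any(ch in cls for ch in password))
    if " " in password:
        size += 1  # assumption: a space counts as one extra symbol
    unknown = [ch for ch in password
               if ch != " " and not any(ch in cls for cls in CLASSES)]
    if unknown:
        raise ValueError(f"characters outside printable ASCII: {unknown!r}")
    return size


def entropy_bits(password, full_set=False):
    """length * log2(pool). Models every character as an independent random
    pick, which is what a plain brute-force search assumes."""
    if not password:
        return 0.0
    pool = FULL_SET if full_set else pool_size(password)
    return len(password) * math.log2(pool)


def compare(a, b):
    """Return the password with the higher worst-case (smallest pool) estimate."""
    return a if entropy_bits(a) >= entropy_bits(b) else b


if __name__ == "__main__":
    # Both sample strings are the ones quoted in this thread.
    for pw in ("Boat123", "correct horse battery staple"):
        print(f"{pw!r}: pool={pool_size(pw)} "
              f"worst-case={entropy_bits(pw):.1f} bits, "
              f"full-set={entropy_bits(pw, full_set=True):.1f} bits")
```

The figure only ranks passwords against exhaustive search; it says nothing about wordlist or pattern-based guessing, which is the caveat raised in the first post.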
 
9/10.

I disagree with the password one. Not many good options there but Boat123 would take the longest for a computer to crack. But a more secure password would be a passphrase... correct horse battery staple... 'cept that one.
 
I got the password question right before I knew it was thinking about the whole uppercase, lowercase, symbol, numbers recommendation because that's very common.

The most secure password is technically a randomly generated long mix of upper, lower, symbols, and numbers of course. This can't really be disputed, you can certainly argue that the user will probably save the password in such a way that it can be compromised but that's on the user. Realistically no one is going to brute force you without a good reason and even then it's usually a last resort unless they have a clue of what it might be. With all those hacked password databases out there a person may be able to spot a pattern in previously used logins and build a word list based on that but I don't expect them to sit there and truly brute force a password without any clues.
 