Generate 1 to 50,000 unique passwords
Specify fixed or random length passwords
Selectable character ranges consisting of Uppercase, Lowercase, Numbers and Special characters
Dictionary words of 2 to 9 letters in length
Mask editing to generate formatted passwords
Save password lists as text, delimited, HTML or XML
WEP key generator (40, 64, 104, 128, 152, 232 and 256 bit keys)
Random byte generator creates random hexidecimal, decimal, octal or binary strings ranging from 256 to 16,384 bytes in length.

Answered by Ashish Yadav , an ibibo Wizard, at 9:01 AM on October 24, 2008

o Each password must have at least eight characters.
Only the first eight characters are significant.
PASSLENGTH is found in /etc/default/passwd and is set
to 6.

o Each password must contain at least two alphabetic
characters and at least one numeric or special char-
acter. In this case, "alphabetic" refers to all
upper or lower case letters.

o Each password must differ from the user's login name
and any reverse or circular shift of that login name.
For comparison purposes, an upper case letter and its
corresponding lower case letter are equivalent.

o New passwords must differ from the old by at least
three characters. For comparison purposes, an upper
case letter and its corresponding lower case letter
are equivalent.

Answered by Sandeep , an ibibo Citizen, at 5:41 PM on October 23, 2008

Passwords vary in their degree of security protection, frequency of change, and typically vary in required characteristics (eg, minimum and maximum lengths, permitted characters, etc) from system to system. The most public, and therefore least secure, password might be one that is given to members of a group, a committee or some other organization. For instance, "publiclibrary", "internet", "AAAfinancecommittee" or "password" are all examples of easily remembered passwords, more or less publicly knowable passwords.

Less easily attacked passwords might be built from such a basic form, for instance, "smith12nov34street" or "AAAchairpersonSUE". These are slightly more secure, but being relatively easily predictable should not be relied upon to actually block unauthorized access. Effective access control requires passwords which are more difficult to guess or to find automatically, less publicly knowable (ideally not at all), and these are the subject of much of the rest of this article. One method of creating passwords that are memorable, but harder to attack successfully is to use selective substitution of numbers for letters, e.g. 'I' is replaced by '1', 'E' by '3' etc. This becomes even more secure if the numbers are 'shifted' on the keyboard. In this instance, the number '1' might be replaced by '!', assuming '!' is a permitted character in passwords on the relevant system

Answered by BAGYALAKSHMI , an ibibo Advisor, at 4:20 PM on October 23, 2008

well,Each password must have at least eight characters.
Only the first eight characters are significant.
PASSLENGTH is found in /etc/default/passwd and is set
to 6.

o Each password must contain at least two alphabetic
characters and at least one numeric or special char-
acter. In this case, "alphabetic" refers to all
upper or lower case letters.

o Each password must differ from the user's login name
and any reverse or circular shift of that login name.
For comparison purposes, an upper case letter and its
corresponding lower case letter are equivalent.

o New passwords must differ from the old by at least
three characters. For comparison purposes, an upper
case letter and its corresponding lower case letter
are equivalent.

Answered by Debashis , an ibibo Master, at 1:44 PM on October 23, 2008

Password crackers have many tools at their disposal to cut down the amount of time it takes to crack your password. Selecting a secure password will help to ensure that the password cracker must take as much time as possible to guess or otherwise identify your password. No password is ultimately secure, but if it takes the password cracker longer to crack the password than it takes for the password to become useless, you will have succeeded in thwarting the cracker's attack.

Answered by Gyan Singh , an ibibo Master, at 1:38 PM on October 23, 2008

well sonalika,

One of the first things an attackers may do is run a program that attempts to guess the password of the target. These programs contain entire dictionaries of several languages. In addition to containing dictionary word lists, they frequently create words and contain word lists from popular culture, such as, slang terms, movies, novels, etc.
With this in mind, users should construct a password that meets the following criteria:
• Passwords should ALWAYS contain:

1 At least eight characters
2Both upper and lower case characters (e.g., a-z, A-Z)
3 At least one number (e.g., 0-9)
4 At least one special character (e.g., !@#$%^&*()_+|~-=\`{}[]:";'<>?,./)


• Passwords should NOT

 Be based on personal information, such as, names of family, dates, addresses, phone numbers, etc
Be based on work information, such as room numbers, building name, co-worker's name, phone number, etc

Answered by Venkata , an ibibo Specialist, at 12:45 PM on October 23, 2008

Insecure methods

Passwords should not be created using personal information about yourself or your family. A password cracker with incentive to break your personal password will use this information first, making these passwords the least secure passwords. Examples of bad passwords of this type are: your name, birthplace, nickname, family name, names of pets, street address, parents names, names of siblings and the like.


Passwords should not be formed of words out of any dictionary or book. Longer words do not generally add much protection. Using known words in any language allows the password cracker to take shortcuts in his password cracking schemes, allowing him to guess your password in a very small fraction of the time it would take otherwise. Examples of bad passwords of this type are: dragon, secret, cheese, god, love, sex, life and similar words.


Passwords should not be composed of proper nouns of places, ideas, or people. These words are commonly found in password cracker databases. Examples are: Jehovah, Tylenol, edutainment, Coolio, beesknees, transformers.


Passwords should not be simple variations of words. Although these passwords don't appear in a book or dictionary, it is a simple matter to generate a replacement word list automatically. These passwords are more secure than the above two examples, but not significantly more secure. Examples of passwords of this type are drowssap, l0ve, s3cr3t, dr@gon, and similar word-like terms.


Passwords should not be a concatenation of two words commonly following each other in a sentence. These passwords are more secure than the above password concepts, but still fall far short for password security. Examples of these kinds of passwords are: whatfor, divineright, bigpig, ilove, farfetched, catspajamas.


Do not reuse recently employed passwords again. If you find it difficult to pick a new password, you should wait until you changed you password at least 5 times before reusing an old password, or 12 months if password changes are common.

Secure methods

Always change your password immediately if you feel that your password has been compromised. Always do this directly. Never follow links sent to you in email, through an instant messenger client, or from a phone call you received. Ask for administrative assistance if you have trouble changing your password.


Do not write your password down where others may find it. If you must write it down, ensure it is in a locked location that is only accessible to you. Hiding your password in places you feel it is unlikely to be found is not helpful. Password crackers have a criminal mind, and generally know where to look.


It is important that you change your password on a regular schedule, at least every six months. This assists you by throwing off any cracking efforts that might be in progress, but have not yet been completed. It also helps you if somehow you have compromised your password in some other way without knowing it.


Select passwords that use a mixture of capital letters, numbers, and special characters. Take heed however, some systems do not allow you to use some or any special characters. Make sure you check the password criteria for the system you are using ahead of time, if possible.


Use substitution of numbers for letters and letters for numbers in your passwords. Although this is not a primary method of securing your password, it will add another layer of security on top of a good password, and will prevent the accidental guess of your password due to circumstances.


Where it is not possible to use many characters in your password (less than 14), it is advisable to create a password by creating a passphrase, and selecting letters in a specific position in each word. An example of this is "jJjshnImn2". As you notice, it's unlikely that any cracker would

Answered by Hem@nt .... , an ibibo Master, at 12:23 PM on October 23, 2008

well, Client-to-client password authenticated key exchange (C2C-PAKE) protocol enables two clients who only share their passwords with their own servers to establish a shared key for their secure communications. Recently, Byun et al. and Yin-Li respectively proposed first provably secure C2C-PAKE protocols. However, both protocols are found to be vulnerable to undetectable online dictionary attacks and other attacks. In this paper, we present an efficient generic construction for cross-realm C2C-PAKE protocols and prove its security in the Random-or-Real model due to Abdalla et al., without making use of the Random Oracle model.
source site: http://portal.acm.org/citation.cfm? id=1370576

Answered by Romi , an ibibo Master, at 12:22 PM on October 23, 2008

Password crackers have many tools at their disposal to cut down the amount of time it takes to crack your password. Selecting a secure password will help to ensure that the password cracker must take as much time as possible to guess or otherwise identify your password. No password is ultimately secure, but if it takes the password cracker longer to crack the password than it takes for the password to become useless, you will have succeeded in thwarting the cracker's attack.

Insecure methods

• Passwords should not be created using personal information about yourself or your family. A password cracker with incentive to break your personal password will use this information first, making these passwords the least secure passwords. Examples of bad passwords of this type are: your name, birthplace, nickname, family name, names of pets, street address, parents names, names of siblings and the like.
• Passwords should not be formed of words out of any dictionary or book. Longer words do not generally add much protection. Using known words in any language allows the password cracker to take shortcuts in his password cracking schemes, allowing him to guess your password in a very small fraction of the time it would take otherwise. Examples of bad passwords of this type are: dragon, secret, cheese, god, love, sex, life and similar words.
• Passwords should not be composed of proper nouns of places, ideas, or people. These words are commonly found in password cracker databases. Examples are: Jehovah, Tylenol, edutainment, Coolio, beesknees, transformers.
• Passwords should not be simple variations of words. Although these passwords don't appear in a book or dictionary, it is a simple matter to generate a replacement word list automatically. These passwords are more secure than the above two examples, but not significantly more secure. Examples of passwords of this type are drowssap, l0ve, s3cr3t, dr@gon, and similar word-like terms.
• Passwords should not be a concatenation of two words commonly following each other in a sentence. These passwords are more secure than the above password concepts, but still fall far short for password security. Examples of these kinds of passwords are: whatfor, divineright, bigpig, ilove, farfetched, catspajamas.
• Do not reuse recently employed passwords again. If you find it difficult to pick a new password, you should wait until you changed you password at least 5 times before reusing an old password, or 12 months if password changes are common.
Secure methods
• Always change your password immediately if you feel that your password has been compromised. Always do this directly. Never follow links sent to you in email, through an instant messenger client, or from a phone call you received. Ask for administrative assistance if you have trouble changing your password.
• Do not write your password down where others may find it. If you must write it down, ensure it is in a locked location that is only accessible to you. Hiding your password in places you feel it is unlikely to be found is not helpful. Password crackers have a criminal mind, and generally know where to look.
• It is important that you change your password on a regular schedule, at least every six months. This assists you by throwing off any cracking efforts that might be in progress, but have not yet been completed. It also helps you if somehow you have compromised your password in some other way without knowing it.
• Select passwords that use a mixture of capital letters, numbers, and special characters. Take heed however, some systems do not allow you to use some or any special characters. Make sure you check the password criteria for the system you are using ahead of time, if possible.
• Use substitution of numbers for letters and letters for numbers in your passwords. Although this is not a primary method of securing your password, it will add another layer of security on top

Answered by NIVEDITA , an ibibo Master, at 12:21 PM on October 23, 2008