Hackers EASILY see your password! 

Great video exposing the dangers of poor, short passwords. The one issue I have with long passwords is the odds of making a mistake typing it in is very high, especially on a mobile phone keyboard. This is problematic when some sites lock your account after only a few tries.

I work in IT Security and i can't express how important this video is to everyone NOT using a longer password/password manager. That guide by Hive systems is beautiful but sadly you can't download it without a corporate email. Liron you should put a pdf downloadable link in your video description so everyone can have that image.

Please be careful with words. Longer passwords don’t take “5 years” or “400 years”. They take UP TO that time. They can also be cracked in 5 seconds with luck. And that’s where some hacking/cracking really gets a lot of its success: luck. It’s weighted luck in that skill is involved to improve the odds, but still, luck is a factor.

I got a lot out of this video. In particular, the relative risks of short and long passwords. Great job. Thank you, Liron.

I stumbled across this channel a while back. Must have been looking for help to do something with my computer. I subscribed immediately because the information, while technical, was also presented at a level I could use.

We studied this thing when I was a student and we calculated how much time it would take to brute force a password, I don't remember how, but I do remember that my password would take thousands of years to crack with the tech on that year lmao

As usual another awesome video! Thanks for all the work you put into making these videos👍!

I find it irritating that some accounts require you to use special characters, while other accounts don't allow special characters.

Great video again 🙂 Thanks for giving people nice security advices. If I can add something , it's not creating a password with commom names or people surnames in it (eg: cat35€Michael^685) they can be found in permutation dictionnary-based attacks . And my favorite advice : I sometimes use long latin sentences . Yep , latin words are never included in dictionnaries.

I have a few Word files on my Windows machine that have short passwords I can remember easily and most are the same. So after the video, I need to make more complicated, unique passwords which of course are harder to remember. My solution is to use the password generator in my password manager, create a complex password, copy the password from the generator and paste into the secure notes section of the password manager. There is an entry heading suggesting the Word file name for each file password protected and the complex password is in the body of the entry. So to use it, I open the Word file and in the password field paste in the appropriate password from the secure notes section of the password manager. Once set up, it is just a paste operation. The password storage is secure. The password can be very complex and I don't have to worry about where the passwords are stored.

I have watched a few of your vids, so I figured its about time I left a comment. I really love your videos. Not because of the content, but because of the way you present them. Even though, I rarely come across things here that I dont already know, I watch them anyway because of the way you present them. it makes it super easy to send it to my non techie friends, since I know they will be able to understand it easily.

I use passwords that contain characters not on the extended ASCII list, such as: ½+¼=¾ or 3²+2³=17¹ ; the ¾, ², ³, ¹ won't be on your list of millions of passwords. Sometimes those characters are not allowed so I just use a very long password with lots of special ASCII characters. That's true on phones as well.

I hate that browsers even ASK you to save passwords knowing that will be a honeypot for hackers to attack. Definitely worth disabling in the settings.

Protip: Never check your password "strength" on a password strength testing website. Some will obviously be collecting all passwords and making a dictionary out of them.

I despair. I'm going to buy notepads, pencils and a flock of trained homing pigeons.

Great advice, long passwords are way more secure and can be easy to remember. It's taken a while to convince some people at tbe office of this, but they are getting there. Also, i find it funny how those rainbow tables of passwords prove just how similar the vast majority of people are. Your short, 'unique' password likely isn't as unique as you think it is.

YOU ROCK MAN - And a digital life saver too!! Thank You Liron. I already subscribed, and gave you a thumbs up.

Thanks for scaring me. My favourite method of composing a password is to take the first line of a book "Scarlett O'Hara was not beautiful, but men seldom realized" and use the first letter of each word (or the last). In this case it is sownbbmsr and then add some decoration "sownbbmsr!*!". I believe that would be resistant to a hash file. BTW the book in this case is Gone with the Wind.

15 yr old daughter's friend cracked her iphone's password. they asked permission she said yes. now she made a better password since i told her basically the same thing. yep she didn't believe when when i showed her the power of linux but listens to friends 😑😅 great video

Which password manager is the best or should just create your own? Thank you for all your great videos. I have learned a lot.

So here I am, with 50 accounts with mostly different passwords. The whole account process is driving me crazy.

OMG! Just made me realize why I use song titles and we'll known phrases and sayings. Thanks again. Your a genius. 👍

Been using the mixed caharcter 8 letter password for some time but it certainly looks like moving to 9 or 10 characters is really worth while.

Again a big eye opener Liron so will be changing passwords to sentences that mine alone I hope. Those space passwords are clever.

Thanks for another great video! Do you have a link for the info graphic showing the correlation between password length and time to decrypt? Would love to share that with family & friends.

100 people think they are clever now by changing their passwords to "I subscribed to this channel!! lol

I let my password manager to generate one with 100 characters, then i copy and paste when needed, just seconds and give me more security. Only ones I cannot allow that are Google and Microsoft, because when setting a new phone or PC could be crazy to write the complete password 😅

Thats a very helpful video, but can you please tell me how did you transfer the word document from your windows to your kali?

Very interesting and informative! Thank you!

SpongeBob Narrator Guy: One eternity later Liron Segev: Alright so it's been 12 hours...

Appreciate the tips!

Always great value Liron. Thanks mate

You have given me a very good idea for a password which I have modified upon so for that... Thankyou

The problem with such a long password is you forget what it is and have to go through the process of coming up with another one. I have had the correct password rejected on some accounts and had to come up with a new one.

Awesome information. Thank you! Now beginning the long task of changing ALL of my passwords..... this is going to take a while 🤔

Liron, what do you think about password managers like Bitwarden, Lastpass, etc?

Thank you for showing the vulnerability of storing one’s password in a browser. I have been suspect how hackers might backdoor into password keys.

Thanks Liron !! Very informative as always. I watch all of the videos and I appreciate all the hard work that goes into them. Keep up the great job !! 👍👍 ⭐️⭐️⭐️⭐️⭐️

So isn't the solution 2-factor authentication. I always use a minimum of 12 characters, including, numbers, upper case, lower case, and special characters, plus 2 factors authentication on my phone. How can that be cracked?

So, so true, especially of BikTek troll-hackers of their own customers.

Learned much on passwords today. Thank you. :)

Aren't most portals limiting the number of failed login attempts? I thought it is like 3 or 5 attempts and your account is locked. So how can then these random tries break my password? Am I missing something?

Great video! You showed how Google Chrome's way of saving passwords is not secure. Is that also true of Apple's iCloud Keychain?

Very fine, Liron. Congratulations for explains to education and conscientization on security.

Another fantastic video! Thanks for making our online life safer.

Hey Liron, could you do a video on expanding your battery life on smartphones please? It'll be very helpful and informative for us. Thanks.

What are you using? A PC, how many cores, a video card? Remember hackers kinda made up the leet speek (replacing 3, with E) so they know to look for that. As well you are also using a found password lost file, so if the password is not in there it won't find it. Not really all of the info there to really show what you are doing.

I really appreciate everything that your sharing on your RU-vid channel. They are very helpful. Thank you .

jokes on you my password is the first trillion digits of pi.

THANK you very much really eye opening!!! i will change all my passwords. Namaste from Holland

Holy smokes man! Thanks so much for sharing your findings and putting this information up. All of your videos are excellent for learning the ins and outs of online safety and security.

Shares the app flatform u click at ur up bar of ur screen??????

All your videos are really good. Thanks very much.

Liron, several viewers have proposed using known-by-heart passages from favorite books, taking the 1st letter of each word to form the password. I use favorite lines from obscure poems in a similar way. How does this strategy score in your collection of password alternatives, please?

I like having four random words and some random numbers in my password (1 English, 1 Italian, 1 French, 1 greeklish and some numbers sprinkled between them). I have some books i turn them in the same page and i pick 4 words in a way that i will remember them.

Very valuable information. Thank you very much

Like I keep saying to people who think passwords are simple, "WAIT TILL YOU"RE MY AGE" And you've been adding more and more and more and more passwords to your list for thirty years. THERE is a LIMIT. Especially to your sanity.

My understanding was that the hackers didn’t actually have access to the password itself to work on like in this simple test, so aren’t they limited to a few tries and then locked out like the rest of us? Very interesting adding even one more to your pass can have that much effect.

Always great info thank you.

Thanks for this awesome video! Much appreciated. One question: What about using Latin words, Hebrew words, AND storing them in the password lock boxes, such as Mcafee, or Advast, any of the security companies instead of using Chrome, or Google. Yes, Chrome and Google are extremely handy to use, but, at what expense?

Superb vid. Thanks!

Thank you! What about the Credentials storage?

I have a custom built computer that will go through the rockyou wordlist in less then a second. I use a wordlist called weakpass which is 110 gigs, that has almost 10 Billion passwords. My PC goes through it in 17 minutes. I'm using an NVIDIA RTX 4090 GPU with 128 processors!

Very informative video, thank you .

Gracias! I began 17 character passwords approximately 2 years ago for that reason.

Thank you very much for this very useful information. 🙏🙏

Amazing Video Liron, perhaps you can do a tutorial about Wi-Fi Router hacking and the best way of protecting a Router with a BETTER password, maybe using Kali Linux , please Liron, consider this buddy.

זה היה מעניין, תודה רבה!

Super Great video Man , thanks

Excellent!!! Thanks for demoing.

Great Vid man

Thank you Liron, this is great

Thank you so much for this!!

Thank you for your time, sharing this critical information with us !!

Very helpful!

I use pwr generator and I try not to save my passwords in a browser, but I still do not trust if they aren't saved somewhere in cookies or the browser even though I always click NO to save my password. Please make a video where you explain how to check if these passwords aren't saved somewhere and how to turn off this function or completely get rid of it.

NIST recommends long passwords and forget complexity. All complexity does, is make it very hard to type (and remember). I like Canterbury tales for phrases, including blanks when possible: "A clerk had litherly biset his whyle" You'd have to have my book to even start to guess and sometimes even spelling varies from edition to edition.

What if the number of "try" attempts are limited?

thank you so much for knowledge

I do not understand why systems allow over perhaps ten or so bad password attempts before a significant time delay kicks in. This is what appears to happen on my Linux based cctv system anyway. I get five tries before I get a stern warning and a time out in the corner

Presenter's accent seems like a curious combination of South African and New Zealand.

You are the best. Very useful

Very nice info, thanks. 👍👍👍

what is the purpose of passwords if hackers can still find them, thanks for the info

Thank you men 😊

If u live in a country with special dialects and special letters, u would have it easier making passwords since the words or phrazes u use isnt in any dictionaries and wordbooks. If u dont, then borrow letters from a another country :)

BTW our "learning institutions should have teachers like you, then everyone would learn a lot!!!

Is it okay to copy & paste mega super long passwords from a list you keep in an encrypted excel spreadsheet? That way, i only need to memorize the mega super long password of the excel file.

It's really the uniqueness rather than the number of characters when you're dealing with hashes.

How is it able to check over and over without being locked out? What sort of encryption does MS Word use?

what about simple pswd's, but 2 passes thru the encryption algo?

i dont know ask googe and firefox my question is does action fraud have a pyle awen Library card time to go back to paper

Brute force time can be massively reduced by eliminating strings not equal to the password length. 15 char passwords. Only compare to 15 char brute force strings

It is high time a new secure way to protect our computer. How about unplugging the input cable after use.

For years, for my client documents I have used one time only passwords that are around 10-15 characters long, and use a mixture of upper and lower case letters, numbers and special characters (?:*&% etc.). The stuff I do for my for clients is highly confidential... I then found out that one of my clients, when sharing the files with his colleagues would put a copy of the password into the filename "for ease". 😱

please sir, do you have a group for learning all this things sir??

Never use a Word or only Numbers, Only. Mix all items up, Numbers, upper lower case, Special characters, ETC! This is great as I used 20 Digits, for my Legal stuff, Like a Bank!

Don't sites limit the number of tries on a password

Well, woah ! Thanks for the tips 👍👍

I always use at least 10 characters, usually 12+, mixed case, numeric and special characters. And based on personal experiences or personal trivia. Yup, I NEVER let browsers save my passwords. I even don't like the idea of password managers (i.e. KeePass), putting all your eggs in one basket to me. I don't like storing passwords digitally anywhere, I prefer cryptic analog.