brainwallets need to go

[CryptKeeper]

Keepass uses anti-keylogging measures: http://keepass.info/help/v2/autotype_obfuscation.html

[strimbello]

Just hook all the current brainwallets for NXT up to yubikey (http://www.yubico.com/) that way there's the account nr + any password (even a 'weak one' of 16 chars or so) and the two-factor auth from the Yubikey.

Protects you from keyloggers, and forgotten/misplaced passphrases by the more non-techie users (and we need those,.. a lot)

[farl4bit]

Yubikey looks nice!

[leeo]

The need to come up with a 70+ password was a big barrier to entry for me.  I strung all of the traditional passwords I ever used in my life with a recipe for generating a pretty pattern on a Rubik's cube.  Adding three additional characters brought me to 70 characters.  Ironically, I never key it, but placed it to a KeyPass vault, and simply copy and paste the passphrase.

I've taken to taking something unique to myself, say an old term paper or such, generating a SHA-256 string of it, and use that for a strong password for personal banking or forum passwords.  With the news that Yahoo passwords may be compromised, I systematically changed every access password I ever used to the longest password allowed following this procedure.

Here's an interesting exercise, the null passphrase account is 3791936988034107349.  This is the "account" opened on simply pressing return for the secret phrase.  It owns two aliases, "acountzero", and "zzzz".  Surprisingly, there is much activity to this account, about 56 transactions totaling over 143 kNXT.  Most of these are transfer in, immediate transfer out.  I would suppose that sending to this account is equivalent to leaving a quarter by the payphone.  For fun, I sent 1 NXT to it, which you may claim if you wish.  When you get it, post your experience here....

--LeeO  NXT: 8225732605502514703

[farl4bit]

Here's an interesting exercise, the null passphrase account is 3791936988034107349.  This is the "account" opened on simply pressing return for the secret phrase.  It owns two aliases, "acountzero", and "zzzz".  Surprisingly, there is much activity to this account, about 56 transactions totaling over 143 kNXT.  Most of these are transfer in, immediate transfer out.  I would suppose that sending to this account is equivalent to leaving a quarter by the payphone.  For fun, I sent 1 NXT to it, which you may claim if you wish.  When you get it, post your experience here....

Haha, cool account. I put in 1 NXT too. So, now anyone can really rob this account. 

[farl4bit]

*UPDATE: it's already 'robbed'. 

[leeo]

And here, for your enjoyment is the account who picked up the coin:

ACCOUNT  : 1413811113623034318 PermaLink | PDF | JSON   
 
Balance Total  : 804 NXT USD Equivalent [1]  : 40.28  BTC Equivalent  : 0.0585 

Transfer Total  : 35 Transfer In  : 34 Transfer Out  : 1
Paid Fees Total  : 1 Amounts In  : 806 Amounts Out  : 1
Aliases   0 First Transfer  : 25.01.2014 Last Transfer  : 09.02.2014

Mining Ratio [2]  : 0.0001 % » [0.6184 NXT] Blocks Generated  : 0 Fee Earned  : 0 NXT

 

 [1] USD and BTC equivalents are calculated based on dgex last trade and the btc last from bitcoinaverage. Quotes : NXT/BTC: 0.00007278 | BTC/USD: 688.4   
 [2] Theoretical mining power, there is more to consider. Second value woud be the total until now result if all accounts mining. A higher fee earning indicates less peer mining. 
 
Timestamp In/Out Account Amount Fee  Transaction Block

09.02.2014 08:54:20  3791936988034107349 1 1 8196399287056461836 12170730171704942088

I thought it might be more fun to leave that 1 NXT hanging in the null account, until someone figured out that an additional 1 NXT had to be deposited to get the coin back....  Most fun I've had for USD 0.05 in a very long time.

--LeeO  nxt: 8225732605502514703

[farl4bit]

Ooh sorry for spoiling your joke. 

I've put 1 NXT in again. 

[magoon]

For the requirement analysis of our new project a programmer of my team has analysed this 'issue' as well.
In our simulation we have tried 1.6mio password combinations per day. Even if we guess that every user only uses alphabetical symbols (2x 26) and numbers (10), their will be 56^100 (6.5*10^172) combinations.
To check all accounts it only takes 4*10^166 days
Btw: The number of atoms in the universe (without dark matter) is approx. 10^77.

Password strength is only limited by the user. As usual.

[farl4bit]

Cool! 

How long where the passwords you were trying to hack?

[Come-from-Beyond]

Dress is the everlasting love of females. So many fashion clothes dealers and storekeepers are trying their best to find cheap wholesale dresses online and they know Shiying Sexy Lingerie Co., Ltd is a good cooperator 4-7 years’ goldkey member of many wholesale platforms such as Alibaba and Tradekey. Wholesale evening dresses as low as $5 and mixed batch available.

Account with this passphrase is empty.

[farl4bit]

Dress is the everlasting love of females. So many fashion clothes dealers and storekeepers are trying their best to find cheap wholesale dresses online and they know Shiying Sexy Lingerie Co., Ltd is a good cooperator 4-7 years’ goldkey member of many wholesale platforms such as Alibaba and Tradekey. Wholesale evening dresses as low as $5 and mixed batch available.