Este tópico do fórum precisa de uma solução
Kudos0

Vault password requirements

Postado: 27-jan-2023 | 4:00PM · 9 Respostas · · Translation:

I need to change my vault password to something secure but easier for both my partner and me to remember. I can’t find any info on what the minimum requirements, if any, are for the vault password: length, case, special characters, etc. For devices where I can’t use biometrics, I’d prefer to use a long, unique passphrase with letters only, which was the requirement at the sensitive federal agency where I used to work.  I’d appreciate any info./ suggestions you can provide. 

Labels: Change Vault Password, Norton Password Manager, Sign in

Respostas

Kudos0

Re: Vault password requirements

Postado: 28-jan-2023 | 1:17AM · Link permanente

i think you can do it ellers it is to be one big letter and on symbol and som number

Kudos0

Re: Vault password requirements

Postado: 28-jan-2023 | 2:52AM · Link permanente

I am not sure about the requirements for the vault password but a good rule of thumb is at least 12 characters made up of numbers, mixed case and special symbols.

If you just wish to use just letters I would use mixed case and make the phrase at least 20 characters in length.

Kudos0

Re: Vault password requirements

Postado: 28-jan-2023 | 4:36AM · Edited: 28-jan-2023 | 4:37AM · Link permanente

If you connect it to you phone you never has to right you password but only vertify it true you phone and you is ok you just need to right it down if something dont work make a good strong password and make it synk. To you phone and remember to do so it not ask always when you start you browser

Kudos0

Re: Vault password requirements

Postado: 28-jan-2023 | 5:16AM · Link permanente

Thanks for your replies. Using case, numbers, and symbols draws from more of the ASCII character set than just lowercase letters, so such a password would appear to be stronger, but its real strength depends on how brute-force cracking algorithms work. If they start by analyzing strings of length 1 to n of lowercase letters and only then begin adding other character subsets, then a lowercase password will be easier to crack, provided it’s not longer than n. But if I’m using a 30-character lowercase string, it would seem to me to be less likely to be cracked by a hacker than a 15-character password that uses more ASCII subsets. Is that correct?

Kudos0

Re: Vault password requirements

Postado: 28-jan-2023 | 5:40AM · Edited: 28-jan-2023 | 6:22AM · Link permanente

The math for the 30 character lower case string would be:

26^30 (that is 26 raised to the 30th power) = 2.81 e+42 = 2,810,000,000,000,000,000,000,000,000,000,000,000,000,000

The math for the 15 character full ASCII subset would be:

75^15 = 13,363,461,010,158,061,981,201,171,875

So to answer your question the brute force takes longer on the 30 character lower case string. In either case the time required for current computer processing to crack the password would be more than the age of the universe for both sets.

Of course the assumption in these calculations is that the password is generated randomly. If as you have stated the password has some pattern to it that might be picked up by a password crack program then the number of combinations is reduced greatly and the brute force would require much less time.

Kudos0

Re: Vault password requirements

Postado: 28-jan-2023 | 6:54AM · Link permanente

Thanks. Basically, I guess it’s a question of a longer passphrase consisting of real words that are easy to remember but not to guess—so no song lyrics or common quotes—vs a shorter password consisting of randomly generated characters. Of course, randomly chosen words with some addition of other ascii characters—such as “2tonic”—would be best, and presumably it’s not a bad idea to mix languages, but I have to have a vault password that’s easy for my partner and me to remember, so randomness needs to be minimal. Any suggestions of practices that would meet those criteria would be greatly appreciated. 

Kudos0

Re: Vault password requirements

Postado: 28-jan-2023 | 6:58AM · Link permanente

Try some math equation combined with a phrase. For example:

Ithink2+2=4butmaybeitequals22!

Kudos0

Re: Vault password requirements

Postado: 28-jan-2023 | 9:02AM · Link permanente

Interesting approach. Thanks! The solution I’m considering to my original question in this thread (What are Norton’s vault password requirements?) is to come up with a passphrase we like, and if Norton rejects it, do as few modifications as possible to make it work—e.g., to use a bad example, if “thequickbrownfoxjumps” doesn’t satisfy a Norton complexity requirement, maybe “The quick brown fox.” would. Does anyone have any additional further suggestions or advice?

Kudos0

Re: Vault password requirements

Postado: 31-jan-2023 | 9:28AM · Link permanente

Thanks, everyone. Great suggestions!

This thread is closed from further comment. Please visit the forum to start a new thread.