Fun With Passwords?

eSims asks: "Most all SysAdmins have the pleasure of picking passwords and while we know the rules for picking good passwords we also know how to have a little fun with them as well. Password choices may be inside jokes about management, comments on the company, or just torture for the users we assign them to, but often they are funny. Without giving away the company secrets what are some of your funny stories about password selection?"

Not as secure as you think

[gazoombo]

I used to do the same thing, but then stumbled across a number of password crackers that take this into account. They run dictionary attacks, but they also try every possible 'l33tsp34k' variation. It takes a while to run this kind of attack, but not quite as long as a plain ole brute force. I advise using password generating tools to create truly random passwords.

Re:Not especially funny, but might be useful

[SwellJoe]

I once read a tip about website passwords where you shouldn't have the same password for all sites that need a logic. One of the best suggestions I read was to have a password of say 4 characters, and intersperse the website name into it.

Ah, I get it. So that when the slashdot guys read your password 1s2l3a4s, they'll be able to guess that your yahoo mail password is 1y2a3h4o. Perfect! It's a system whereby you use a different password on every site, but still manage to make it available to anyone who has one of your passwords. In-genius. Really. I mean it.

Re:My own worst enemy

[Curtman]

I wouldn't really consider it a gaping wound, since nearly every OS is vulnerable to it in some way or another. Its a fact of life - don't let untrusted people near your box. Or take your data with you or something..