On Mon, 2008-10-06 at 15:18 +0100, Thomas Dalton wrote:
2008/10/6 Marco Schuster marco@harddisk.is-a-geek.org:
Which becomes a problem if sites don't allow passwords larger than 10 to 15 chars (as if they couldn't make a MD5/SHA1 out of it...) :(
How about a standard 5 character alphanumeric password concatenated with the first 5 characters of the domain name encoded with ROT13? That should be accepted by any site and is pretty secure (it would be good to include symbols in there, but some sites don't accept them, and you may want some better mangling than just ROT13).
Easy enough for any modern PC to brute force if the one know you are using such scheme. 36^5 isn't that many combination...
KTC