Do You Use Password Haystacking?

September 27, 2016 | Views: 10610

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

How can we make passwords memorable AND uncrackable, it is password haystacking. You know the phrase it’s like trying to find a needle in a haystack; well the same method applies by hiding your password with a prefix and suffix pattern.  We know length is the most important element in supporting an uncrackable password, well at least in our life time.  It is a process of using some phrase that has meaning to you and hiding it with a creative pattern.

Example password creation:  I Played College BasketBall My Number Was 34. IPCBBMNw34


Example pattern creation:  Used the number 3 and 4 on the keyboard to start the prefix and suffix pattern, that I would remember easily, #$#$//IPCBBMNw34\#$#$ this gives me a memorable and uncrackable password.

Time Required to Exhaustively Search this Password’s Space:

Online Attack Scenario:

(Assuming one thousand guesses per second)

9.88 hundred million trillion trillion centuries

Offline Fast Attack Scenario: 

(Assuming one hundred billion guesses per second)

9.88 trillion trillion centuries

Massive Cracking Array Scenario: 

(Assuming one hundred trillion guesses per second)

9.88 billion trillion centuries

For more information please see

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. Nice post. I basically use my email password for web registrations. Which is lame as an IT person. But this is changing following this tutorial. Thanks man.

  2. All of this is good, but what would happen if there is a data breach from the website itself?

  3. Real easy way to make a long, strong and easily memorable password! Cheers 🙂

  4. God short article that is clear and concise.

    But surely it should be #$#$//IPCBBMNw34\\#$#$ and not #$#$//IPCBBMNw34\#$#$? :>

    I find passwords a total pain in the neck, especially with mixed systems that have mixed requirements – and the passwords expire at different times.

    “Hey don’t use the same password on multiple systems everybody”

    Is it any wonder end users struggle?

    Mnemonic or Haystacking is a good method, though some systems don’t like duplicate characters together – which is another pain.

  5. Thanks jcrusade. Really appreciate this post. Will use this method going forward.

Page 2 of 5«12345»
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?