Re: Virgin Media urges password change over hacking risk
 

I read that they only use 24 of the possible 26 letters which reduces the time to crack by a considerable margin. Mine didn't have 'any' in it anywhere. :)

I can also confirm that my daughters wifi password has no similarity to mine whatsoever.

Re: Virgin Media urges password change over hacking risk
 

I changed that one on the day I got it - it does rather invite that!
It's the WiFi password I'm not really sure about, OK so it's only 8 L/C characters, but is it a realistic risk that there are people going around with devices to crack into peoples' WiFi? Mine barely reaches all the rooms in the house, let alone out in the street. And it would be a pain to have to go around changing phones, NOW TV box, printer etc etc, not to mention occasional visitors I've given it to.

Re: Virgin Media urges password change over hacking risk
 

What is there to gain from finding out my Wi-Fi password?

Re: Virgin Media urges password change over hacking risk
 

Seeing as VM are now allowing any other VM customer to use your WiFi it does become a bit irrelevant. Opt for modem mode and use your router instead of VMs insecure equipment, faster speeds too.

Re: Virgin Media urges password change over hacking risk
 

...and that's the sort of ill-informed rubbish that gets rumours going. Get your facts straight before writing such piffle.

Re: Virgin Media urges password change over hacking risk
 

Depends where you live and who lives around you. People could use your connection to download all sorts of illegal stuff or commit other crimes, for which you might get the blame because your IP address would be all over it.

However to do that they have to be in signal range of the router. To break your password, possibly for many hours. To be honest, the signal from my Superhub is pretty iffy at the other end of the house, let alone out in the street or in neighbouring properties, so maybe the risk is not so great?

Re: Virgin Media urges password change over hacking risk
 

Basically allows an attacker into your network. Once in they could do quite a lot of things. For example the recent WannaCry could be exploited inside the network by just hitting the SMB server of an effected device.

Basically it allows an attacker to see what you have connected on your network, scan for any device with known exploits and do something with it. Especially with the rise of insecure IoT device.

Re: Virgin Media urges password change over hacking risk
 

Probably force.

Re: Virgin Media urges password change over hacking risk
 

they could do a man in the middle attack which means they can funnel all your traffic through them

one thing they could do redirecting online banking sites to trick you to give up your information

years ago I used to take over my brother's Facebook account and write stupid messages on his wall

and if you are thinking there is no master hacker living near you
the hacking tools i used was basically a numbered list (press 1 to hack and press 2 to evil laugh)

only thing stopping them is your Wi-Fi password

Re: Virgin Media urges password change over hacking risk
 

Don't forget, it's case sensitive, so it's more like 48 letters + numbers. 58 vs 62 possible characters isn't quite a big difference.

Having said that, password length will always trump complexity. While I agree the default passwords on routers are possibly not terribly secure, they should be changed regardless.

If you change it to a password that's 15+ characters long, even purely lower case will be more secure than a "complex" 8 character password.

To give an example, if you have an 8 character password to which any of the 8 characters can be one of 100 possible values (26 lowercase + 26 uppercase + 10 numeric + a bunch of symbols, punctuation, spaces, etc.), you'd get 10,000,000,000,000,000 possibilities.

Whereas if you have a 15 character long password of just lower case letters, it's 1,677,259,342,285,725,925,376 possible combinations. Length really does trump complexity.

10,000,000,000,000,000
vs
1,677,259,342,285,725,925,376

Use a passphrase of uppercase and lowercase letters with some punctuation thrown in and nothing will ever brute force it, even with dictionary attacks.

Re: Virgin Media urges password change over hacking risk
 

I was talking about the original wifi password on the bottom of the router, that uses uses a combination of only 24 lower case letters. ;)

Re: Virgin Media urges password change over hacking risk
 

simply put for those who are not mathematically inclined you are looking at a different of 1x10^16 and 1x10^21. There is difference of 5 orders of magnitude which is huge.

Re: Virgin Media urges password change over hacking risk
 

With the right tools an 8 letter lower (or upper ) case password can be cracked in less than a day.
Using a string of Disney names as posted above would be even quicker.

---------- Post added at 10:40 ---------- Previous post was at 10:33 ----------

Depends on how many gpu 's you have working on it and the time you want to spend.

Hashtopussy is a dangerous tool in the wrong hands.

Re: Virgin Media urges password change over hacking risk
 

With enough computing power you can brute force nearly anything, no matter how long and complex it is. The key is not to be the low-hanging fruit.

Also note I'm not advocating purely lower-case passwords, that was just an extreme example to show how much better length is than complexity. I stand by a passphrase is the best form of "password".

Re: Virgin Media urges password change over hacking risk
 

I know you weren't advocating all lower case but phrases are a no no too. Google Sagitta brutalis. The community I'm involved with have 4 of these and another 64 pc's with at least 2 gpu's. Doesn't take long. Before you ask we do not do it for nefarious reasons.