-1

How many 'random' characters should my iCloud password be if it were going up against the BEST hackers and the best hacking software?

Chris
  • 3
  • 1
  • This is not a duplicate question because my question asks what is best for iCould. Password creation requirements may be different for each host, or other conditions may apply. – Chris Nov 03 '14 at 18:44
  • Then, the answer to your question is "maximum". The suggested duplicate is the best answer for the issues that your questions raises. – schroeder Nov 03 '14 at 23:48

1 Answers1

0

I think this question can't be answered by just typing a number. There are things to consider:

  1. How are the passwords stored in the database? E.g. what hashing algorithm or encryption is used.
  2. Does iCloud use salt? If so, is this salt static for each user or random?
  3. How well are the support people trained in order to detect a social engineering attack? (as we've seen before at Apple: http://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/all/)
  4. How much data is available on social network sites about you? This because of the questions asked in order to get access to an account: http://www.washingtonpost.com/news/the-intersect/wp/2014/09/03/this-is-how-easy-it-is-to-hack-someones-icloud-with-their-security-questions/.

Having said that, I believe the iCould (I am not a user there) can be configured with two factor authentication (something you have and something you know) which you should consider enabling.

Having two factor authentication enabled and a password of 15+ characters can be considered safe. However it's also a matter of how much effort one wants to put in to hacking your account (e.g. whether you're a celebrity or not)

Hope this helps, as you can see there's more to it than just a number of random characters.

Jeroen
  • 5,783
  • 2
  • 18
  • 26