Here is an interesting one from the not very leading edge. When you add a password to a site it is often hashed with MD5, which means that a word like ‘leonie’ is converted into a string that looks like this: ‘af58e0965b64b67028e1f40c69317bf1’.
Now the nice thing about this conversion is that it is one way only, i.e. from the hash ‘af58e0965b64b67028e1f40c69317bf1’ you cannot reverse the algorithm that created it and get back to ‘leonie’. However, some helpful people on the web have published the MD5s of almost every word there is and put them on web sites, so by googling for ‘af58e0965b64b67028e1f40c69317bf1’ you get ‘leonie’ and are able to crack the security that this should give you.
There is no way round this, although I fully expect an American Senator or the EU to attempt to legislate against it, other than to make sure the string you use is unlikely to happen in real life and is therefore less vulnerable to this type of dictionary attack.
So instead of ‘leonie’, ‘l30n13’ (where 3 = e, 1 = i and 0 = o) helps you remember the password but makes the attack less easy, and even better would be ‘L30n13@’.
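To check a candidate password against this kind of published table, the sketch below (an added example, not code from the original post) builds an MD5 lookup from a small constructed word list, then rebuilds it with the post's 3/1/0 substitutions applied to every word. The word list and all function names are hypothetical.

```python
import hashlib
from itertools import product

# Constructed sample word list standing in for a published dictionary.
WORDS = ["password", "dragon", "leonie", "monkey"]

# The substitutions the post suggests: e -> 3, i -> 1, o -> 0.
LEET = {"e": "3", "i": "1", "o": "0"}


def md5_hex(text):
    """Hex MD5 digest of a string, as a site storing bare MD5 would keep it."""
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def leet_variants(word):
    """Yield every mix of substituted and unsubstituted letters for a word."""
    choices = [(c, LEET[c]) if c in LEET else (c,) for c in word]
    for combo in product(*choices):
        yield "".join(combo)


def build_table(words, with_leet=False):
    """Map digest -> plaintext, optionally covering the substitutions too."""
    table = {}
    for word in words:
        candidates = leet_variants(word) if with_leet else [word]
        for cand in candidates:
            table[md5_hex(cand)] = cand
    return table


def audit(password):
    """Return (hit in plain table, hit in substitution-extended table)."""
    digest = md5_hex(password)
    plain = build_table(WORDS)
    extended = build_table(WORDS, with_leet=True)
    return plain.get(digest), extended.get(digest)


if __name__ == "__main__":
    for pw in ("leonie", "l30n13", "L30n13@"):
        print(pw, audit(pw))
```

The plain table only finds ‘leonie’; the extended table also finds ‘l30n13’, because a six-letter word has only a handful of 3/1/0 variants to precompute. ‘L30n13@’ is in neither table, since the capital letter and added symbol are outside what this sketch enumerates.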
Don’t say I didn’t tell you!