Hash Passwords. Can I just make up a string of my own out of thin air?

I got really interested in hash passwords due to an Amazon hack. I use Bitwarden anyway for saving, but have not been using the hash feature.
I understand hash passwords originate from your original password in the app.
Fine so far.
BUT… Can I just string together my own random string of a dozen ($&*6bhKmE*#%) characters outside of an hash app and just make a hash with no origination source but my imagination?

Thanks in advance.
Win10 ver 20H2

chuckiechan said:

I got really interested in hash passwords due to an Amazon hack. I use Bitwarden anyway for saving, but have not been using the hash feature.
I understand hash passwords originate from your original password in the app.
Fine so far.
BUT… Can I just string together my own random string of a dozen ($&*6bhKmE*#%) characters outside of an hash app and just make a hash with no origination source but my imagination?

Thanks in advance.
Win10 ver 20H2

Hi,

Yes, If your imagination follows the good hash string format

HashWiz :: Reverse Hash

3414084c6780eae01f697d90535231b277063113

I have an appropriately hashed mind…
I ran my example through your reverse hash and got a message: “Wrong hash string format”.
What does that mean? Am I even safer with no origination to reverse engineer?

chuckiechan said:

I have an appropriately hashed mind…
I ran my example through your reverse hash and got a message: “Wrong hash string format”.
What does that mean? Am I even safer with no origination to reverse engineer?

The pass Phrase I used was "You know what I mean."

now try this one

f7ff9e8b7bb2e09b70935a5d785e0cc5d9d0abf0

Complexity of the pass phrase is key. Try to run your own hashes trough the reverse calculator.

Also this site will interest you. dCode - Solvers, Ciphers, Calculators, Decoders, Online

But If you create your own hash... You need the key for it to be valuable at something

My use is only for websites like Amazon or someone.
It seems to me my made up password that as long as it is accepted as a password, if it's not connected to an algorithm, then brute force is the only method available to a cracker.

Amazon also suggested I check for a key logger. How do I do that?

(Personally, I think it's an inside job, but we are starting fresh, per their suggestion).

chuckiechan said:

My use is only for websites like Amazon or someone.
It seems to me my made up password that as long as it is accepted as a password, if it's not connected to an algorithm, then brute force is the only method available to a cracker.

Amazon also suggested I check for a key logger. How do I do that?

(Personally, I think it's an inside job, but we are starting fresh, per their suggestion).

Key logger can be inserted at many levels even outside your network. I wouldn't worry about that on a home network.

But of I know transparent proxies you can install on business network that can log every users activity / site visited/ username and passwords used, instantly in absolutely "Clear Text". Regardless of Destination encryption. Only end to end VPN go trough those, but are often actively blocked on these kind of network. Some even push it further to log "Everything" that been done on every computer. When I say that it's not understated.

But like you said... It will be an inside job.

chuckiechan said:

BUT… Can I just string together my own random string of a dozen ($&*6bhKmE*#%) characters outside of an hash app and just make a hash with no origination source but my imagination?

If you do that you have simply made a difficult to remember password. Unless you then make a hash of that string, and use that as the pw - but probably no need if the string is sufficiently random.