password expiration policy (was Re: UNIX V7)

Dan Gahlinger dgahling at hotmail.com
Mon Jun 15 14:09:40 CDT 2009 

yeah that doesn't work either.
a hard password of lesser length is harder to crack.

windows doesn't have 128 character passwords AFAIK (I could be wrong),
but it also has a well-known algorithm,

check out 0phcrack or the new version of L0phtCrack,
they will show portions of the password as they crack,
allowing you to more easily "guess" passwords as it's running.

I remember a password that was
"AAAA####" and the program showed the alphabetic part,
was working on the numeric showing "????"
but because the alpha part shown was "Indy", I guessed the #s was a year,
therefore I had the password in less than 30 seconds.

so that long password, the program will show portions of the text as it's running,
allowing you to "guess" the password before it completes.

Dan.

> From: chris at mainecoon.com
> To: cctalk at classiccmp.org
> Subject: Re: password expiration policy (was Re: UNIX V7)
> Date: Mon, 15 Jun 2009 11:42:12 -0700
> 
> 
> On Jun 15, 2009, at 10:13 AM, Dan Gahlinger wrote:
> 
> >
> > because it doesn't work.
> > most systems don't accept spaces.
> 
> Which, of course, is why you omit the spaces and run the words  
> together, making dictionary attacks even more difficult. Let's see how  
> a dictionary attack does with  
> "mytestesare2infestedwithflamingspriochetes4you", shall we?
> 
> > and if we're talking windows, a password like that might only take a  
> > few minutes to crack.
> 
> Gene's original posting was restricted to systems that don't have  
> short password fields; in such systems long passphrases of vaguely (or  
> patently) offensive words are both easier to remember and harder to  
> crack than shorter passwords of random characters.  Even with its  
> restriction of what? 128 characters?  Windows would allow for the use  
> of such constructs.
> 
> --
> Chris Kennedy
> chris at mainecoon.com             AF6AP
> http://www.mainecoon.com        PGP KeyID 108DAB97
> PGP fingerprint: 4E99 10B6 7253 B048 6685  6CBC 55E1 20A3 108D AB97
> "Mr. McKittrick, after careful consideration..."
> 
> 
> 
> 
> 
> 

_________________________________________________________________
Internet explorer 8 lets you browse the web faster.
http://go.microsoft.com/?linkid=9655582

More information about the cctalk mailing list