[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Users Password



> Unix password encryption algorythm is a varient of the DES (Data Encryption
> Standard) algorythm + 2 bytes (calles salt) added (in several iteratto
> make it ireversable (which it is;-)). I.e. you can't "reverse engineer"
> the passwords from the passwd file....
> 
I know. But something that maybe you don't know is that
dictionary-based attacts can be extreme good in case
you never asked your users to choose good passwords.
Brute force attacs can also be quite good in case
you have a lot of processor time.
You know, "password recovering" programm aare very
good in parallel processing. 
BTW somebody managed to make "israel-friendly" password
dictionary for Crack ? There's a lot of  users using
they wife/husband/child name for the password and
most of those hebrew names aren't in the dictionary ...

Hapy cracking ...

Meir