Re: Redhat 6.0 Password Issues

From: Roger Espel Llima (espelat_private)
Date: Sun Sep 12 1999 - 17:54:05 PDT

Next message: Crispin Cowan: "Re: fixing all buffer overflows --- random magin numbers"

Previous message: Georgi Guninski: "Hotmail security vulnerability - injecting JavaScript using"
Maybe in reply to: root3d: "Redhat 6.0 Password Issues"
Next in thread: der Mouse: "Re: Redhat 6.0 Password Issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Sep 12, 1999 at 02:39:25PM +1200, Alan Brown wrote:
> Anyone relaying on DES passwd encryption these days could be said to
> have no passwd encryption at all - the entire legal 1-8 character passwd
> space will fit in less than 4Gb, so a determined cracker can fairly
> quickly determine what any given crypted password really is.

How do you compute this?  Maybe there's some optimization that I've
missed, but conservatively assuming 64 legal characters, that makes
64^8 = 2^48 different possible passwords.  Just to store 1 byte per
password, you still need over 260Tb.

And that's not counting with salts.

--
Roger Espel Llima, espelat_private
http://www.eleves.ens.fr:8080/home/espel/index.html

Next message: Crispin Cowan: "Re: fixing all buffer overflows --- random magin numbers"
Previous message: Georgi Guninski: "Hotmail security vulnerability - injecting JavaScript using"
Maybe in reply to: root3d: "Redhat 6.0 Password Issues"
Next in thread: der Mouse: "Re: Redhat 6.0 Password Issues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:03:33 PDT