They can. The 1 is changing to a 2. > -----Original Message----- > From: gotcha [mailto:fmuat_private] > Sent: Wednesday, May 01, 2002 4:39 PM > To: Erik Parker > Cc: vuln-devat_private > Subject: Re: AOL passwords / crypt() and online brute forcing > > > On Wed, May 01, 2002 at 12:20:44PM -0500, Erik Parker wrote: > > if you take the 94 displayable ascii characters.. and do > 94^8 you have > > a possible 6,095,689,385,410,816.. So about 6 quadrillion > passwords > > to try.. > > i think that's not the issue. the real problem is that people > think they can block access by changing a password from > foobar111 to foobar123. > > --gotcha >
This archive was generated by hypermail 2b30 : Wed May 01 2002 - 14:44:57 PDT