Re: Detecting Brute-Force and Dictionary attacks



The idea is simple and good, but there's a problem in its
implementation: usually modern systems don't compare the password you
write with the saved password; instead, they compare a hash of your
password attempt with the saved hash of your current password. By
design, two similar strings have strongly different hashes. So you can't
compare two hashes and say if they correspond to two similar words.
Greets,
Fabio



Sebastiaan Veenstra wrote:
Hi,

I didn't read the whole discussion about this issue but I came up with
an idea which might be useful to detect a brute force attempt. By
storing the passwords a certain user has used in the past along with
the current password you could be able to compare the password (by
pattern matching) used at the login attempts with the passwords list.
If the password used differs significantly (this excludes typos) from
the entries in the password list, there could be a possible brute
force attempt. The reason for storing the previous passwords is that
people tend to use every password they've used in the past when they
forgot their password. Maybe this idea can be used along with the
other methods of detecting brute force attempts. Anyway, it's just a
random thought.

Greets,

Sebastiaan
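
The limitation raised in the reply above, as an added example that is not part of the original thread: it measures how close a login attempt is to the current password in plaintext (edit distance) and how close the two salted hashes are (fraction of differing bits). The passwords, salt, iteration count and function names are constructed for illustration.

```python
import hashlib

SALT = b"constructed-salt"   # constructed sample value
ITERATIONS = 10_000          # assumption: kept low so the example runs quickly


def stored_hash(password: str) -> bytes:
    """Salted PBKDF2-HMAC-SHA256 digest, standing in for a stored password hash."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, ITERATIONS)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: the kind of pattern matching possible on plaintext."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution or match
        prev = cur
    return prev[-1]


def bit_diff_fraction(x: bytes, y: bytes) -> float:
    """Fraction of bits that differ between two equal-length digests."""
    diff = sum(bin(p ^ q).count("1") for p, q in zip(x, y))
    return diff / (8 * len(x))


def compare(current: str, attempt: str) -> tuple[int, float]:
    """Return (plaintext edit distance, hash bit-difference fraction)."""
    return (edit_distance(current, attempt),
            bit_diff_fraction(stored_hash(current), stored_hash(attempt)))


if __name__ == "__main__":
    current = "Tr0ub4dor&3"                          # constructed password
    for attempt in ("Tr0ub4dor&4", "letmein123"):    # a typo, an unrelated guess
        dist, frac = compare(current, attempt)
        print(f"{attempt!r}: edit distance {dist}, hash bits differing {frac:.0%}")
```

On plaintext the typo and the unrelated guess are clearly separable; on the hashes both differ from the stored value in roughly half their bits, so a system that keeps only hashes has nothing to pattern-match against.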



