Re: Password Cracking
From: Dave Aronson (spamtrap.secfocus_at_dja.mailme.org)
Date: 09/16/04
- Previous message: GuidoZ: "Re: Definitions"
- In reply to: Jonathan Loh: "RE: Password Cracking"
- Next in thread: Nick Owen: "RE: Password Cracking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: security-basics@securityfocus.com Date: Wed, 15 Sep 2004 20:02:31 -0400
Jonathan Loh <kj6loh@yahoo.com> wrote:
> One of my fellow sysadmins uses the following: Take any word could
> be from the dictionary or not. Use 0's, 1's, 5's and so on for
> letter substitutions.
Many password crackers use such substitutions. To make total subbing
(which is what I would guess they try first) not work, what I do is not
sub for every one. At various times, I have subbed only the first one,
odd-numbered ones (i.e., 1st, 3rd, 5th, etc.), even-numbered ones, every
3rd starting with the 2nd, and other patterns. Of course, random would
probably be a bit better, but makes it much harder to remember....
---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.
http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------
- Previous message: GuidoZ: "Re: Definitions"
- In reply to: Jonathan Loh: "RE: Password Cracking"
- Next in thread: Nick Owen: "RE: Password Cracking"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
