RE: AOL passwords
From: TUTTLE, TERESA A (SBCSI) (tt6361@sbc.com)Date: 05/01/02
- Previous message: Blue Boar: "Re: Wlan @ bestbuy is cleartext?"
- Maybe in reply to: Jacob McMaster: "AOL passwords"
- Next in thread: jon schatz: "RE: AOL passwords"
- Reply: jon schatz: "RE: AOL passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "TUTTLE, TERESA A (SBCSI)" <tt6361@sbc.com> To: Jacob McMaster <jmcmaster@appliedsystems.com>, vuln-dev@securityfocus.com Date: Wed, 1 May 2002 12:01:53 -0500
Jacob -
I believe this has always been true of most versions of Unix I'm
familiar with. Also take into account the fact that there are only 7 random
bits per character and you're getting even less protection than you first
think!
Terri Tuttle
-----Original Message-----
From: Jacob McMaster [mailto:jmcmaster@appliedsystems.com]
Sent: Wednesday, May 01, 2002 9:42 AM
To: vuln-dev@securityfocus.com
Subject: AOL passwords
I don't know if anyone has said this but, AOL allows you to use a 8+
character password, but when signing in it will only check the first 8
character and then it doesn't matter if you type the rest of the password or
type the rest of it wrong it will let you in that account. Also their
access to your email via the web, it will actually tell you its the wrong
password if your password is over 8 characters and you type the whole thing
in, you have to type only the 1st 8 characters to get into it. Not sure
this is a major issue, but would make the cracking process eaiser for
someone if they know there is a max of 8 characters needed.
- Previous message: Blue Boar: "Re: Wlan @ bestbuy is cleartext?"
- Maybe in reply to: Jacob McMaster: "AOL passwords"
- Next in thread: jon schatz: "RE: AOL passwords"
- Reply: jon schatz: "RE: AOL passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
