Re: Comparing encrypted passwords

From: Fredderic (fredderic@iprimus.com.au)
Date: 12/26/02


From: "Fredderic" <fredderic@iprimus.com.au>
Date: Fri, 27 Dec 2002 04:42:43 +1000


> ]> > $1$<salt1>$<hash1>
> ]> > $1$<salt2>$<hash2>
> ]Nahh..... Just get yourself a couple years on a super computer
> ]somewhere to crank out a brute force crack of the two passwords,
> ]and see if they match.
> It will take a while longer than that for the MD5 has password which
> he is apparently using.

That's what they said about the old passwords too. If you started crunching
one of them with a brute force hack on one of the "modern" machines at the
time they that encryption scheme was introduced and with the "modern"
methods of the time, it'd probably still be going today.

Compared to a modern P IV which could probably brute force crack you entire
old-style password file inside of a day. ;)



Relevant Pages

  • Re: Security issues in publishing content of /etc ?
    ... >> You could use a brute force attack to get weak passwords. ... >> software installed in the machine or other hosts information. ... a user, with your mimic software installed on his machine, wont be able to ...
    (Security-Basics)
  • Re: Creating a Password
    ... The devil is always in the details with security. ... > Whether it's a 'dictionary' or 'brute force' attack, ... > I will also agree that we're nit-picking the sentence "Such passwords can ... > only be cracked by means of brute force". ...
    (alt.computer.security)
  • Re: Creating a Password
    ... The devil is always in the details with security. ... > Whether it's a 'dictionary' or 'brute force' attack, ... > I will also agree that we're nit-picking the sentence "Such passwords can ... > only be cracked by means of brute force". ...
    (microsoft.public.security)
  • Re: Creating a Password
    ... Whether it's a 'dictionary' or 'brute force' attack, ... describes a methodology. ... "Such passwords are less apt to be cracked by means of a dictionary attack." ...
    (alt.computer.security)
  • Re: Creating a Password
    ... Whether it's a 'dictionary' or 'brute force' attack, ... describes a methodology. ... "Such passwords are less apt to be cracked by means of a dictionary attack." ...
    (microsoft.public.security)