Re: password cracking question
From: Proteus (nospam_at_nowhere.net)
Date: Mon, 18 Jul 2005 12:35:21 -0500
> He might have found a backup tape lying around for example. He might have
> booted into the machine in single user and gotten the file.
> One of the reasons that Linux went over to shadow passwords was that
> programs like yours were becoming popular.
So for my purposes, the main (good) use of a password cracking program is to
test whether my users' (and mine, ie root) passwords are strong, right?
(that is my intended purpose). And how long do I let the password cracking
program run before I assume my passwords are strong-- I mean one could in
theory let the cracking program run for days or weeks. When is enough
enough, when is a password considered strong enough (and how do I know if a
password I create is strong enough to thwart crackers?)?