Re: password cracker

From: Herb Martin (news_at_LearnQuick.com)
Date: 03/05/04 

Date: Fri, 5 Mar 2004 14:26:40 -0600

L0phtcrack mention below is the near standard.

And no, there is little reason no to post it here.

Good admins -- with proper approval/warning -- do this.

I assure you the crackers already know where to find such tools.

Also, my experience suggests the following:

ANYTHING less than MORE than 14 characters using complexity
(and immune to your dictionary attack) is INSECURE.

I have personally seen a 14 character password with near complexity
broken in 15 seconds on demand. (There is a web site that demos
this.) 

-- 
Herb Martin
"Sheldon" <anonymous@discussions.microsoft.com> wrote in message
news:903FE38B-8166-4849-A18D-8778AF18D86C@microsoft.com...
> This will likely open a few conversations:
>
> I'm looking for a free password crack that I can use on my own network.
(yes, I'm the admin). I have given specific guidelines to our users about
passwords that they can and cannot use (ie; don't use your birthday, kid's
names, etc.) I want to be able to verify they are following our
instructions. Now I know someone will say "we shouldn't post that here" but
the reality is that we SHOULD know what crackers are out there that our own
users could bring into our network.
>
> Thanks,
>
> Sheldon
> M.C.S.E., C.C.N.A., A.S.E., etc.