Using this password as an example (for length and character type), the
number of possibilities
would be (26 lowercase+26 uppercase+10 numerals+6 special characters)^8
(assuming that the
period at the end of the sentence isn't part of the password). This is a
total of 457,163,239,653,376
possibilities (compare this with DES encryption at 56-bit which we all know
can be brute forced at
72,057,594,037,927,936 possibilities). If you have the period at the end
2^54 < 68^9 < 2^55 possibilities.
Better but still fewer possibilities than 56-bit encryption...
Chris Hastings
Manager, Network Security
Network Computing Services
Vanderbilt University Medical Center
[EMAIL PROTECTED]
Bobby Brown
<bbrown@allensysgrou To: "'[EMAIL PROTECTED] '"
p.com> <[EMAIL PROTECTED]>
Sent by: cc:
firewalls-owner@List Subject: RE: NT password
encryption & name
s.GNAC.NET service
12/20/2000 11:14 AM
You must have had very few users or an extremely powerfull server to crack
by brute force the passwords. The password you referenced has 4 of the
recommended characters I wish every user used. Upper and lower case
characters, special characters, and numbers. What cracking software did you
use to do this ?
Bobby Brown
-----Original Message-----
From: Carl Ma
To: [EMAIL PROTECTED]
Sent: 12/20/00 12:00 PM
Subject: NT password encryption & name service
Hello all,
After running password cracking program on our W2000 PDC server, 98%
passwords
are cracked out, even some very complicate passwords like - X1#!h0a_.
Is it attribute to the W2000 encryption method? I would like to persuade
my boss
using LDAP as name service. Appreciate any information & idea! I will
summarize.
Thanks & Merry Christmas!
carl
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
