There is nothing special about cracking a certificate password versus any other
password. There is a lot of literature out there; a web search will easily
give you enough information to be depressed. I think your biggest faulty
assumption is that your users will pick truly random 10char passwords. And the
second-biggest is that the other attacks on their platform (windows?) won't be
more effective, anyway.
/r$
--
Principal Security Engineer
Akamai Technologies, Cambridge MA
IM: rs...@jabber.me<mailto:rs...@jabber.me> Twitter: RichSalz
- Certificate pass phrase brute force... Gregory Sloop
- RE: Certificate pass phrase brute force... Salz, Rich
- Re: Certificate pass phrase brute force... Gregory Sloop
- RE: Certificate pass phrase brute force... Michael Wojcik
- Re: Certificate pass phrase brute force... Gregory Sloop
- Re: Certificate pass phrase brute for... Jeffrey Walton
- Re: Certificate pass phrase brute... Gregory Sloop
- RE: Certificate pass phrase b... Dave Thompson
- Re: Certificate pass phrase b... Gregory Sloop
- RE: Certificate pass phrase b... Michael Wojcik
- RE: Certificate pass phrase b... Kyle Hamilton
- RE: Certificate pass phrase b... Michael Wojcik
