On Feb 22, 2006, at 8:32 PM, Mathieu Langlois wrote:
Would you care to elaborate on that please? I'm a bit surprised,
at first
sight, you increase the possibilities a lot when you have to take into
account the case, making dictionary and brute force attacks that
much more
difficult. For each word, the possibilities are 2^L where L is the
length
of the word. Assuming the users do use random case within the
password, how
is it not more secure than a case-insensitive password?
Unless the attacker knows that the system is case-insensitive, the
mean time to break-in will be the same since they will still test
passwords of all case.
Adam
_______________________________________________
Unsubscribe or switch delivery mode:
<http://www.realsoftware.com/support/listmanager/>
Search the archives of this list here:
<http://support.realsoftware.com/listarchives/lists.html>
