Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Fab Siciliano (fsicilianooptiumcorp.com)
Date: Wed May 01 2002 - 15:43:17 CDT
They can. The 1 is changing to a 2.
> -----Original Message-----
> From: gotcha [mailto:fmuhushmail.com]
> Sent: Wednesday, May 01, 2002 4:39 PM
> To: Erik Parker
> Cc: vuln-devsecurityfocus.com
> Subject: Re: AOL passwords / crypt() and online brute forcing
> On Wed, May 01, 2002 at 12:20:44PM -0500, Erik Parker wrote:
> > if you take the 94 displayable ascii characters.. and do
> 94^8 you have
> > a possible 6,095,689,385,410,816.. So about 6 quadrillion
> > to try..
> i think that's not the issue. the real problem is that people
> think they can block access by changing a password from
> foobar111 to foobar123.