|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Fab Siciliano (fsiciliano
optiumcorp.com)Date: Wed May 01 2002 - 15:43:17 CDT
They can. The 1 is changing to a 2.
> -----Original Message-----
> From: gotcha [mailto:fmuhushmail.com]
> Sent: Wednesday, May 01, 2002 4:39 PM
> To: Erik Parker
> Cc: vuln-devsecurityfocus.com
> Subject: Re: AOL passwords / crypt() and online brute forcing
>
>
> On Wed, May 01, 2002 at 12:20:44PM -0500, Erik Parker wrote:
> > if you take the 94 displayable ascii characters.. and do
> 94^8 you have
> > a possible 6,095,689,385,410,816.. So about 6 quadrillion
> passwords
> > to try..
>
> i think that's not the issue. the real problem is that people
> think they can block access by changing a password from
> foobar111 to foobar123.
>
> --gotcha
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]