Security Basics mailing list archives
RE: UNIX password auditing tool and the search for dictionaries too
From: Mike Dresser <mdresser () windsormachine com>
Date: Mon, 11 Aug 2003 11:58:38 -0400 (EDT)
On Sat, 9 Aug 2003, Tomas Wolf wrote:
I would like to note a little about the security of 4 digit pin... I believe that author wanted to point out that thanks to the fact, that you can't try the 4 digit number more than three times at a time - which makes it a pretty strong system, not that 4 digit is a strong password.
I saw a paper a few months back that claimed you'd need something like 15-24 tries to get a password, due to problems with the PIN algorythm. Oh, and insider access. Very minor detail :D http://www.theregister.co.uk/content/55/29425.html actual paper link is at: http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-560.pdf Mike --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: UNIX password auditing tool and the search for dictionaries too kenkousky (Aug 07)
- RE: UNIX password auditing tool and the search for dictionaries too Michael Martinez (Aug 07)
- Re: UNIX password auditing tool and the search for dictionaries too Adam Newhard (Aug 08)
- more on strong passwords - a reply kenkousky (Aug 08)
- RE: UNIX password auditing tool and the search for dictionaries too Nick Owen (Aug 13)
- Re: UNIX password auditing tool and the search for dictionaries too Adam Newhard (Aug 08)
- <Possible follow-ups>
- RE: UNIX password auditing tool and the search for dictionaries too Tomas Wolf (Aug 11)
- RE: UNIX password auditing tool and the search for dictionaries too Tim Heagarty (Aug 11)
- RE: UNIX password auditing tool and the search for dictionaries too Mike Dresser (Aug 11)
- RE: UNIX password auditing tool and the search for dictionaries too Michael Martinez (Aug 07)