Bugtraq mailing list archives
Re: How the password could be recover using FTP Explorer'sregistry!
From: mikael.olsson () ENTERNET SE (Mikael Olsson)
Date: Wed, 1 Mar 2000 09:30:13 +0100
"Mark D. Miller" wrote:
Actually, this is not an example of insecurity on a user friendly platform.
I beg to differ.
The Voice Print Password is an alternate password method. The primary is the password you type in. When the voice print password is used, it uses the typed password to decrypt the keychain.
... and where does the typed password get stored, may I ask? Is it encrypted somehow? In that case, how? Because the voice print certainly cannot be used to decrypt it, as it varies too much every time you pronounce it. Encryption is kind of funny that way, even if just one single bit is wrong, you won't be able to decode the secret :-P
Since everyone's voice is unique, there shouldn't be any worry as to security.
Ehm. Right. -- Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK Phone: +46 (0)660 105 50 Fax: +46 (0)660 122 50 Mobile: +46 (0)70 248 00 33 WWW: http://www.enternet.se E-mail: mikael.olsson () enternet se
Current thread:
- Re: How the password could be recover using FTP Explorer'sregistry! Mikael Olsson (Mar 01)