Full Disclosure mailing list archives
RE: Senior M$ member says stop using passwords completely!
From: "joe" <mvp () joeware net>
Date: Thu, 21 Oct 2004 11:32:50 -0400
Well I don't think anyone is saying that the issue is that 128 character passwords are being easily hacked so I am not quite sure I understand your point about 256 characters and why you mention it. People seem to dislike passwords greater than 14 characters let alone entering passwords of 150 , 200 , or 250 characters. To put it another way, if MS suddenly increased the buffer to allow for hashing of passwords 1024 characters in size would you push that MS was more secure based on that? I doubt it, I certainly wouldn't. BTW, I tried the link someone previously gave with the password hash I previously posted and it is well under 128 characters and the web site reported: Password: not found! joe -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Eric Paynter Sent: Monday, October 18, 2004 1:32 PM To: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Senior M$ member says stop using passwords completely! On Sat, October 16, 2004 5:25 pm, Tim said:
The reason for my post was to point out that Mr. Hensing doesn't appear to be a reliable source of information on the topic of passwords and hash security.
I think that much became apparent when Mr. Hensing took sarcastic shots at Linux security (e.g. "Attack easier targets like all those Linux boxes you installed because its so much more secure . . ."). Funny thing is, Linux supports up to 256 character passwords by default - twice as long as Windows. -Eric -- arctic bears - email and dns services http://www.arcticbears.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Senior M$ member says stop using passwords completely! RandallM (Oct 16)
- Re: Senior M$ member says stop using passwords completely! Tim (Oct 16)
- Re: Senior M$ member says stop using passwords completely! Micheal Espinola Jr (Oct 16)
- Re: Senior M$ member says stop using passwords completely! Tim (Oct 16)
- RE: Senior M$ member says stop using passwords completely! joe (Oct 18)
- Re: Senior M$ member says stop using passwords completely! Eric Paynter (Oct 18)
- RE: Senior M$ member says stop using passwords completely! joe (Oct 21)
- Websphere 3.5 Alerta Redsegura (Oct 21)
- Re: Senior M$ member says stop using passwords completely! Exibar (Oct 21)
- Re: Senior M$ member says stop using passwords completely! Micheal Espinola Jr (Oct 16)
- Re: Senior M$ member says stop using passwords completely! Tim (Oct 16)
- Re: Senior M$ member says stop using passwords completely! Frank Knobbe (Oct 16)
- Re: Senior M$ member says stop using passwords completely! Pavel Kankovsky (Oct 19)
- RE: Senior M$ member says stop using passwords completely! RandallM (Oct 16)
- Re: Senior M$ member says stop using passwords completely! Danny (Oct 20)