Full Disclosure mailing list archives

Re: Senior M$ member says stop using passwords completely!

From: Andrew Farmer <andfarm () teknovis com>
Date: Wed, 20 Oct 2004 10:45:41 -0700

On 16 Oct 2004, at 07:46, Tim wrote:

"Pre-computation attacks are a somewhat new and interesting phenomenon
we are starting to encounter 'in the wild' through chainsaw security
consultants. What they do is they pre-compute all of the possible LMorNT password hashes of a given length with a given character set andburn
the pre-computed password-hash-to-password-mappings to DVD.  Heck they
can even submit their request to have your password hash reversed back
into a password using a web page someone has setup to do the job foryou
(sorry, not going to give out THAT URL here.) . . . for free!"


To save everyone the looking:

http://lasecwww.epfl.ch/~oechslin/projects/ophcrack/

Attachment: PGP.sig
Description: This is a digitally signed message part

Current thread:

Re: Senior M$ member says stop using passwords completely!, (continued)
- - Re: Senior M$ member says stop using passwords completely! Micheal Espinola Jr (Oct 16)
    - Re: Senior M$ member says stop using passwords completely! Tim (Oct 16)
    - RE: Senior M$ member says stop using passwords completely! joe (Oct 18)
    - Re: Senior M$ member says stop using passwords completely! Eric Paynter (Oct 18)
    - RE: Senior M$ member says stop using passwords completely! joe (Oct 21)
    - Websphere 3.5 Alerta Redsegura (Oct 21)
    - Re: Senior M$ member says stop using passwords completely! Exibar (Oct 21)
  - Re: Senior M$ member says stop using passwords completely! Frank Knobbe (Oct 16)
    - Re: Senior M$ member says stop using passwords completely! Frank Knobbe (Oct 16)
    - Re: Senior M$ member says stop using passwords completely! Pavel Kankovsky (Oct 19)
  - Re: Senior M$ member says stop using passwords completely! Andrew Farmer (Oct 20)
- RE: Senior M$ member says stop using passwords completely! Aviv Raff (Oct 16)
  - RE: Senior M$ member says stop using passwords completely! RandallM (Oct 16)
- Re: Senior M$ member says stop using passwords completely! Georgi Guninski (Oct 20)
  - Re: Senior M$ member says stop using passwords completely! Danny (Oct 20)
    - Re: Senior M$ member says stop using passwords completely! Maarten (Oct 20)
    - Re: Senior M$ member says stop using passwords completely! Georgi Guninski (Oct 21)
    - Re: Senior M$ member says stop using passwords completely! Danny (Oct 21)
- RE: Senior M$ member says stop using passwords completely! Banta, Will (Oct 19)
  - RE: Senior M$ member says stop using passwords completely! Frank Knobbe (Oct 19)
- RE: Senior M$ member says stop using passwords completely! Todd Towles (Oct 19)

(Thread continues...)