Yet Another useful paper
Operator
root at zardoz.UUCP
Wed Dec 21 13:27:49 AEST 1988
In article <4420 at xenna.Encore.COM> bzs at Encore.COM (Barry Shein) writes:
>>As far as UNIX passwords, it further justifies the use of a shadow
>>password file and the use of 64 character pass phrases.
>Why? Because it shows a 20x speedup possibility? Let's do the
>arithmetic again...
>Given a 100 character character set and 8 characters in a password
>the search space is 100^8 which is:
But you don't need to search through all 100^8 combinations to have a
reasonable change of gaining entry. All you need is to search through
a 1000, or possibly even 10,000 common names and words, and you will
find a match on a surprisingly large number of systems. Under this
scenario, a 20 X speedup can make a big difference on the practicality
of sneeking in a large batch job to do some password crunching.
neil at cpd.com
uunet!zardoz!neil
More information about the Comp.unix.wizards
mailing list