PASSWORD GUESSING

[Gordon Vickers]

In article <16924 at rpp386.Dallas.TX.US> jfh at rpp386.cactus.org (John F. Haugh II) writes:
->In article <36830 at bu-cs.BU.EDU> madd at buit15.bu.edu (Jim Frost) writes:
->>In article <24888 at prls.UUCP> gordon at prls.UUCP (Gordon Vickers) writes:
->>|       The advice I see most often, and use myself is to simply pick
->>|   two unrelated words that are seperated by a symbol, with the entire
->>|   password being seven or eight charectors in length.  Care to figure
->>|   what the odds are of a hacker breaking it ? 
->>
->>Sure.  Very good if the hacker has (exclusive) access to a good
->>parallel machine, or access to several PC's and a good crypt()
->>implementation.
->
->I'd say its a virtual certainty any good programmer could break that
->system in a very small amount of time.
->
->A few questions crop up - how many three or four letter words are
->there, versus possible three or four letter combinations of letters.
->Next, how many special symbols are there.
->
->The answer should be a small enough number for my PC to get it over
->one or two nights of crunching.
->-- 

     On a PC ?
     Anyone care to try ?  Here's my password from another Unix machine:
gordon:FM9M5x3Dlt/ao:202:40:Gordon Vickers,5370,9021,69,:/a/gordon:/bin/csh

     The password was choosen as I recommended and each of the two words
   can be found in the New Websters's Dictionary of the English Language.
     Remember though, you must use a P.C.  If you can do it, I'd be interested
   in knowing how.  I'm no expert on security but I am interested since I
   manage another multiuser system.
Gordon Vickers 408/991-5370 (Sunnyvale,Ca); {mips|pyramid|philabs}!prls!gordon
------------------------------------------------------------------------------
Every extinction, whether animal, mineral, or vegetable, hastens our own demise.