| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <DC44C31B-22BF-11D9-B73B-000D93C0F38C@teknovis.com> From: andfarm at teknovis.com (Andrew Farmer) Subject: Senior M$ member says stop using passwords completely! On 16 Oct 2004, at 07:46, Tim wrote: > "Pre-computation attacks are a somewhat new and interesting phenomenon > we are starting to encounter 'in the wild' through chainsaw security > consultants. What they do is they pre-compute all of the possible LM > or > NT password hashes of a given length with a given character set and > burn > the pre-computed password-hash-to-password-mappings to DVD. Heck they > can even submit their request to have your password hash reversed back > into a password using a web page someone has setup to do the job for > you > (sorry, not going to give out THAT URL here.) . . . for free!" To save everyone the looking: http://lasecwww.epfl.ch/~oechslin/projects/ophcrack/ -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 186 bytes Desc: This is a digitally signed message part Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20041020/a7ba8d42/PGP.bin
Powered by blists - more mailing lists