[me]
> I initially had a hard time believing that L0phtcrack broke
> that password,
> but when you do the numbers (as Chris did) it's obviously
> well within the
> realms of possibility for a modern box.
Ohwait, I should clarify. I did different numbers to Chris....
A quick keyboard count on my laptop gives 33 non alphanums:
`-=[]\;',./~!@#$%^&*()_+ {}|:"<>? (typing that was FUN!)
That actually makes 95 typables which is about a tenth of the space of 2^56
(dodgy Excel calculation - someone can check with a real maths program).
BUT, the NT hashing algorithm is weak in that it hashes in 7 character
blocks, making the eigth character trivial to obtain - this is why I
recommend 7 or 14 letters. That brings it in to about a thousandth of the
DES space, or less than a hundred times stronger than 40 bit encryption.
Which is where I get my "doable on a modern box" theory.
Cheers,
--
Ben Nagy
Marconi Services
Network Integration Specialist
Mb: +61 414 411 520 PGP Key ID: 0x1A86E304
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
