I was under the understand that passwords of over 14 characters were stored with a more secure hash, therefore 14 characters passwords were harder to crack, due to the more secure hash. Windows will create two different hashes for passwords shorting than 14 characters, I do believe.
Just use a non-printable character in your password and cracking is useless...if they crack it, they can't read what they cracked. ;) > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Pavel Kankovsky > Sent: Sunday, October 17, 2004 2:21 PM > To: [EMAIL PROTECTED] > Subject: Re: [Full-Disclosure] Senior M$ member says stop > using passwords completely! > > On Sat, 16 Oct 2004, Frank Knobbe wrote: > > > It's a nice recommendation of MS to make (to use long passphrases > > instead of passwords). But I don't consider 14 chars a "passphrase". > > Perhaps they should enable more/all password components to > handle much > > longer passwords/phrases. > > A passphrase consisting of 7 words and 12 bits of entropy per > a word is as guessable as a password with 14 characters and 6 > bits of entropy per a character. You get 84 bits of total > entropy in both cases. > > The only advantage of passphrases is that lusers might find > long random sequences of words easier to remember than long > random sequences of characters. > > (But wait: 12 bits of entropy per a word--this is equivalent > to a uniform choice of one word out of 4096. 4 thousand? That > might exceed an average luser's vocabulary by an order of > magnitude! ;>) > > --Pavel Kankovsky aka Peak [ Boycott > Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. > Open your source code and prepare for assimilation." > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
