On Mon, 29 Nov 2010 04:39:54 -0600 Brian Westerman <[email protected]> wrote:
:>It's kind of difficult to use a brute force attack when RACF revokes the ID :>after a site specified number of attempts. Assuming the site doesn't allow :>1 or 2 character passwords (you don't do you), even if the site were to :>allow 100 attempts, it's statistically a REALLY long shot to guess the :>password. I would imagine that most sites have 3 or 4 as the number of :>attempts, making the probability for success of a brute force attack too :>remote to consider as they wouldn't even get out of the single character :>attempts. If you have the offload, you can make as many attempts as you wish. -- Binyamin Dissen <[email protected]> http://www.dissensoftware.com Director, Dissen Software, Bar & Grill - Israel Should you use the mailblocks package and expect a response from me, you should preauthorize the dissensoftware.com domain. I very rarely bother responding to challenge/response systems, especially those from irresponsible companies. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
