[email protected] (Andrew Rowley) writes:
> I'm sure it is using the encryption method. The speed of password
> cracking on GPUs is fast enough that most hashes are vulnerable using
> traditional length passwords. RACF might be worse than some because
> the algorithm might not be specifically designed to be slow - I don't
> know.
>
> The answer is to assume that anybody who can read the encrypted
> passwords of a system (password database, backups etc.) can crack some
> or all of them. RACF is no different to other systems in that
> regard. This isn't news - it has been SOP for as long as I have been
> in the industry.

also
http://en.wikipedia.org/wiki/Password_cracking

things were speeded up some when repositories of tens of thousands of the most common passwords were published.

some countermeasure
http://en.wikipedia.org/wiki/Salt_%28cryptography%29

simple search engine turns up how to crack racf passwords (from feb2013)
http://mainframed767.tumblr.com/post/43072129477/how-to-copy-the-racf-database-off-the-mainframe-and

also from search
http://www.toolswatch.org/2014/02/new-tool-racfsnow-password-cracker-for-racf-ibm-mainframe-v1-5-in-the-wild/

disclaimer: we have dozens of patents on non-password, non-PKI, non-digital-certificate public key authentication
http://www.garlic.com/~lynn/aadssummary.htm

basically recording publickey in lieu of password; we did implementations for both radius and kerberos ... as well as some prototype chips.

--
virtualization experience starting Jan1968, online at home since Mar1970
