Now you are all entering you real current Password right? Hmmm..how long until you are hacked because the collected those Passwords?
-----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Friday, August 12, 2011 2:19 PM To: NT System Admin Issues Subject: Re: Almost, but not quite OT: Passwords A good brute force attack doesn't throw passwords out for authentication - just gets the hashed passwords and checks them against hashed values, AFAIK. Therefore account lockouts are not triggered. Sent from my POS BlackBerry wireless device, which may wipe itself at any moment ________________________________ From: "Ben Schorr" <[email protected]> Date: Fri, 12 Aug 2011 09:15:39 -1000 To: NT System Admin Issues<[email protected]> ReplyTo: "NT System Admin Issues" <[email protected]> Subject: RE: Almost, but not quite OT: Passwords Length is more important than complexity, no doubt. While it's good to have mixed case and numbers and symbols the fact that you COULD is enough to force any brute force attack to check for it. And, frankly, any system that will allow 1,000 passwords a second to be thrown at it without locking the account or alerting an admin has a serious problem. Ben M. Schorr Roland Schorr & Tower www.rolandschorr.com | www.officeforlawyers.com | Twitter: @bschorr From: andy [mailto:[email protected]] Sent: Friday, August 12, 2011 12:00 To: NT System Admin Issues Subject: RE: Almost, but not quite OT: Passwords huh.. just tried something similar to one of my passwords, all lowercase, all letters, of course my real password has a couple of numbers in it. 780 quintillion years 20 character password all lowercase - 97billion years 11character password all lowercase 314 years huh... the password -- 0987654321aaaaaa -1 billion years aaaaaaaaaaaa - 12 years to hack so much for the password rules. then again my password would not work on a unix system. Are unix systems still only 8 characters. it looks like any 8 character password can be hacked in less than a week. At 11:00 AM 8/11/2011, Kennedy, Jim wrote: Good point, I just got phished. From: Gary Slinger [ mailto:[email protected] <mailto:[email protected]> ] Sent: Thursday, August 11, 2011 10:57 AM To: NT System Admin Issues Subject: Re: Almost, but not quite OT: Passwords It wasn't one of my current 'real' passwords. I'm not putting one of those in on a site I don't know. ________________________________ From: "Kennedy, Jim" <[email protected]> Date: Thu, 11 Aug 2011 10:46:08 -0400 To: NT System Admin Issues<[email protected]> ReplyTo: "NT System Admin Issues" <[email protected]> Subject: RE: Almost, but not quite OT: Passwords Buwhahahah.... 124 thousand years. From: Gary Slinger [ mailto:[email protected] <mailto:[email protected]> ] Sent: Thursday, August 11, 2011 10:45 AM To: NT System Admin Issues Subject: Re: Almost, but not quite OT: Passwords With one special character, 15 years. Without it, 4 days. Interesting. ________________________________ From: "Martin Blackstone" <[email protected]> Date: Thu, 11 Aug 2011 07:19:59 -0700 To: NT System Admin Issues< [email protected] <mailto:[email protected]> > ReplyTo: "NT System Admin Issues" < [email protected] <mailto:[email protected]> > Subject: RE: Almost, but not quite OT: Passwords I got one year. From: Shauna Hensala [ mailto:[email protected] <mailto:[email protected]> ] Sent: Thursday, August 11, 2011 7:16 AM To: NT System Admin Issues Subject: RE: Almost, but not quite OT: Passwords Have your users go here: http://www.howsecureismypassword.net/ and enter their password to see how long it would take to crack. A fun little exercise. Description: Red roseShauna Hensala ________________________________ From: [email protected] To: [email protected] Subject: RE: Almost, but not quite OT: Passwords Date: Thu, 11 Aug 2011 13:43:08 +0000 I changed my bed linens at the beginning of each semester whether they needed changing or not. J Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com <http://www.carlwebster.com/> From: Crawford, Scott [ mailto:[email protected] <mailto:[email protected]> ] Sent: Thursday, August 11, 2011 8:32 AM To: NT System Admin Issues Subject: RE: Almost, but not quite OT: Passwords nice. Reminds me of an old roommate, "I clean the shower every six months whether it needs it or not." Sent from my Palm Pre on the Now Network from Sprint ________________________________ On Aug 11, 2011 7:42 AM, Webster <[email protected] > wrote: I change my passwords religiously every 7 years. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com <http://www.carlwebster.com/> From: Gasper, Rick [ mailto:[email protected] <mailto:[email protected]> ] Subject: RE: Almost, but not quite OT: Passwords Crap...I now have to change my password again... From: Jon Harris [ mailto:[email protected] <mailto:[email protected]> ] Subject: Re: Almost, but not quite OT: Passwords If the in-house team ever got a round to it both could be kept happy but using something like "Horses like 2 fly, like bugs like to be stepped on!" Complex and easy to remember. How long would that take for a brute force attack or a dictionary attack to get the password? FYI that is NOT one of my passwords! Jon On Wed, Aug 10, 2011 at 6:10 PM, Webster <[email protected] > wrote: Because the security team and or auditor are simply following a check list. Complex passwords required - check. My job is done. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> > ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin Content-Type: image/gif; name="image001.gif" Content-Description: image001.gif Content-Disposition: inline; Content-ID: <[email protected]> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ________________________________ CONFIDENTIALITY NOTICE: This e-mail and any attachments are confidential. If you are not the intended recipient, you do not have permission to disclose, copy, distribute, or open any attachments. If you have received this e-mail in error, please notify us immediately by returning it to the sender and delete this copy from your system. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
