Unless the attacker knows that the system is case-insensitive, the mean time to break-in will be the same since they will still test passwords of all case.
Huh???
If passwords are case insensitive, there are a lot more character patterns that will match the password, and hence a much higher probablility that one of those patterns will be hit (thus cracked) before precisely matching the case sensitive password.
Seems obvious that case sensitivity improves the quality of a password, the issue is by how much?
Regards, Joe Huber _______________________________________________ Unsubscribe or switch delivery mode: <http://www.realsoftware.com/support/listmanager/> Search the archives of this list here: <http://support.realsoftware.com/listarchives/lists.html>
