On Thursday, January 25, 2007 6:10 PM [GMT+1=CET],
Chuck <[EMAIL PROTECTED]> wrote:
Harold Fuchs wrote:
The only real way to defeat a dictionary attack is to destroy the
encrypted document after <x> failures
Or simply do not use a password that is susceptible to dictionary
attacks. Use numbers, letters, mixed case, special characters, and
some reasonable minimum number of characters.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Mixed case won't help against a well written dictionary attack which will
have all the combinations catered for either in the word list or by
generating combinations within the code. Using numbers, letters etc. will
only help if they are not "obvious" - digit one for letter ell, dollar sign
for letter s etc. etc. "Obvious" substitutions are catered for in well
written dictionary attacks, again either in the word list or in the code.
Using non-obvious characters makes the password so hard to remember that one
is tempted to write it down ... But yes, inserting random weird characters
in one's password will defeat a dictionary attack.
Harold Fuchs
London, England
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
