Passwords

Genesis

Administrator
Staff member
That just puts a bitter taste in one's mouth. Like where on earth is this going to end? Fortunately I hope they'll only be interested in persons of interest. I can't imagine they'd every be interested in me.
 

Peter

Member
It wasn't very clear to me how successful they where at guessing random passwords. For completely random passwords there shouldn't be any advantages in using a neural network. I guess what could be used is the fact that some services force people to include certain characters (digits, upper case letters, special symbols, etc.) and some password generating tools make sure to always include such characters. This makes some "random" passwords more likely than others which is something a neural network could learn to exploit.
 

Yozora

Moderator
Peter said:
It wasn't very clear to me how successful they where at guessing random passwords. For completely random passwords there shouldn't be any advantages in using a neural network. I guess what could be used is the fact that some services force people to include certain characters (digits, upper case letters, special symbols, etc.) and some password generating tools make sure to always include such characters. This makes some "random" passwords more likely than others which is something a neural network could learn to exploit.

That would be awful! The worst type of site password rule I run into is limits on password length. I can understand why they don't want short passwords, but I occasionally run into a site that tells me I can't use a password because it's too long. I bet hackers love it when they see rules like "passwords must be between __ and __ number of characters long".
 

CHT

New member
Don't forget the must not be longer than __ characters. The worst would still be that must be inbetween x and y though.
 

Peter

Member
I don't think an upper limit is much of a problem in itself, as long as it's high enough, but if the limit was unreasonably low I would be worried that they are storing the passwords in clear text.
 

GndZ3r0

New member
The NSA probably have their hands on this type of software. :diablo:

Nothing is 'safe' or 'secured' when it comes to computers.

Ever heard of Stuxnet? yeah.
 

c0nvct

New member
Crunch. The max/min password length and symbols etc is all thought about with Crunch by applying required parameters, i.e. alpha/numeric/upper/lower and symbols. It took me a little bit of experimenting to get my head around, you guys will probably 'get it' far quicker than me.

GPU's are the way forward with brute force attacks - check out Pyrit