Security, Password, Hash Values, etc.

Not directly related to subject but since it is related to passwords, security, hashes, big chunks of data processing, etc. ... Here we go : Advanced Instant NT Password Cracker

You think a password like u76d0pelgbuz3 quite complex and hard to break (it took these guys just 2 seconds!)? Just read the technical paper and think again ;-)

Comment on Security, Password, Hash Values, etc.

Replies are listed 'Best First'.
Re: Security, Password, Hash Values, etc. by hardburn (Abbot) on Jul 23, 2003 at 13:29 UTC
That program is based on the fact that NT systems don't store the password with a salt value. That company claims that its program is "the first of its kind for NT", but I'd be very surprised if that was true. Not using salt in a hashed password is just stupid, as these guys demonstrated. ---- I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident. -- Schemer Note: All code is untested, unless otherwise stated	[reply]

Replies are listed 'Best First'.

Re: Security, Password, Hash Values, etc.
by hardburn (Abbot) on Jul 23, 2003 at 13:29 UTC

That program is based on the fact that NT systems don't store the password with a salt value. That company claims that its program is "the first of its kind for NT", but I'd be very surprised if that was true. Not using salt in a hashed password is just stupid, as these guys demonstrated.

----
I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident.
-- Schemer

Note: All code is untested, unless otherwise stated

[reply]