Re: password strength checking not consistently implemented
Terry Lambert <email@example.com> writes:
> Without the strength checking on the password change, I have to
> reexpand my search space to the entire search space, and it takes
> a lot longer to crack passwords.[/color]
> A. Hacker[/color]
I'd think that that would depend on the people choosing passwords and
whether the cracker is going after one particular user or just any one
of many. I'd expect it, on average, to take a lot less long if you
start your search well: "password", "drowssap", etc.
(I guess it makes sense that "A. Hacker" WOULD try to discourage
password strength checking. :)
This reminds me of the guy who insisted on setting his lock with truly
random numbers and his truly random number generator spit out 0, 0, 0
(or whatever the factory default was).
[email]firstname.lastname@example.org[/email] mailing list
To unsubscribe, send any mail to "email@example.com"