hackfix-virusnews: All about passwords (Interesting article.. security related in a roundabout way)

  • From: "Christy" <snowz@xxxxxxxxxx>
  • To: hackfix-virusnews@xxxxxxxxxxxxx
  • Date: Thu, 03 Oct 2002 14:25:12 -0400

All about passwords

A password in the virtual word is something like a
lock in the world of reality. We all encounter
passwords when entering Internet , using networks,
receiving e-mail etc. Naturally, there are people out
there who want to get your passwords. Here is some
brief information about how they do it and how you
can protect yourself. At the end of this page are
some practical advices on how to choose a reliable
password.
                       
Sometimes a protection system has a breach of some
sort which lets breaking it easily. Such was the
password storage system in the original Windows '95
(this error corrected in OSR2). Yet, if the
protection system you use had been designed properly
(see here about correct ways of password
verification) the only remaining way of hacking is
searching all passwords (although this search may be
quite intelligent - read further about this). For a
password search it is important to know how many
passwords are possible and what is the search speed.
The quantity of password variants equals to N^M,
where N is the quantity of characters in a charset
(i.e., the quantity of characters that may be
virtually present in a password) and M is the maximum
length of a password. By dividing this number by the
speed of a search we obtain the T - the time for a
complete search, that is, in the 'worst case' the
time we have to wait to get a password. In the 'best
case' the very first password will be the right one.
The probability to find a password during the time of
t equals to p=t/T, for example, a probability to find
the password during the half of time indicated equals
to 50%.

Read more here:
http://www.lastbit.com/psw.asp

(C) 1997-2002 LastBit Software

~*~*~*~*~
To unsubscribe from our list send an email 
to hackfix-virusnews-request@xxxxxxxxxxxxx?Subject=unsubscribe.

For a complete list of email commands for our list send 
an email to ecartis@xxxxxxxxxxxxx with a subject line of 
"info hackfix-virusnews" without the quotes.
~*~*~*~*~

Other related posts:

  • » hackfix-virusnews: All about passwords (Interesting article.. security related in a roundabout way)
  1. Home
  2. hackfix-virusnews
  3. Archive
  4. 10-2002