|
Since you guys seem to know more about this than most of us, my question: is there such a thing as a pwd that cannot be brute forced? jim ----- Original Message ----- From: "Hall, Philip" <phall@xxxxxxxx> To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx> Sent: Tuesday, September 28, 2004 11:24 PM Subject: RE: Display User Password? > > -----Original Message----- > > From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l- > > bounces@xxxxxxxxxxxx] On Behalf Of Douglas Handy > > Subject: Re: Display User Password? > > > > Phil, > > > > >it take somewhere in the region of 20 minutes plus do decrypt just > > *one* iSeries password on a fast PC. > > > > FWIW, last I knew that very much depended on the length of the > > password. Assuming the old style passwords (ie not 128-char and with > > lanman pwds intact), then my PC can test somewhat over 19 million > > passwords per second using an AS/400 password cracker obtained off the > > internet. > > Doug, > > The program I used took into consideration that the 10 char passwords are split into two separate units; one of 7 chars and one of 3 chars. Plus it took into consideration some of the other 'reduction in security features' of the AS/400 passwords too. Net effect was a brute force attack[1] that produced (the correct) results in about 20 mins. > > --phil > > [1] In a prior email I said 'decrypt, not brute force'. I misstated that, it is a brute force attack. >
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.