×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
On 23/04/2008, at 11:29 AM, Mike Cunningham wrote:
Don't you think the password crackers have figure out the number
for vowel trick and are using those variations in dictionary
attacks? I don't think a password of f1shh3ad is any more secure
anymore than fishhead. I like passphrases in mixed case for those
accounts that need the highest security
Whether they have figured it out or not is immaterial. It will take
more attempts to brute-force crack a password that omits vowels or
replaces them with numbers than to crack complete words.
Whether that adds much to the elapsed time of a brute-force attack
given the current desktop power is a separate argument.
Seems to me the purpose of all password rules is not to ensure
"uncrackable" passwords but rather to ensure less easily "guessable"
ones. It is primarily an audit-satisfaction tool.
Given enough time, enough CPU, and enough reason, probably anything
is crackable--certainly any encryption to which we have access. You
don't think the US Govt. allowed 128-bit encryption to all their
"friends" because they CAN'T crack it in a reasonable time do you?
Regards,
Simon Coulter.
--------------------------------------------------------------------
FlyByNight Software OS/400, i5/OS Technical Specialists
http://www.flybynight.com.au/
Phone: +61 2 6657 8251 Mobile: +61 0411 091 400 /"\
Fax: +61 2 6657 8251 \ /
X
ASCII Ribbon campaign against HTML E-Mail / \
--------------------------------------------------------------------
midrange.com
