Thread: OT Yahoo breach
View Single Post
  #42   Report Post  
Posted to alt.home.repair
Diesel Diesel is offline
external usenet poster
  
Posts: 1,131
Default OT Yahoo breach
"Mayayana"
Sun, 25 Sep 2016 18:24:29 GMT in alt.home.repair, wrote:


You can *seem* to make more obscure passwords
by adding *, !, etc. And you could add those to the 4
words. The author of the articles linked also uses
spaces between words.

The author doesn't seem to understand/grasp the different ways one
can accomplish cracking passwords, OR, you misunderstood what they
wrote. I didn't check your url, so can't confirm.

You could also capitalize some characters. But as long as the
password cracker assumes those characters are possibilities it
will test for them, so they're no more unique than "a".
Menawhile, you have a 20-character password that you can remember.

No example you've provided so far is any threat to brute force. You
aren't even trying. lol. If the site will let me keep trying until I
get it right, I need nothing more than a quick and dirty character
generator that continues to increase the amount of characters until I
get it. Yes, it's that simple. Yes, I can write one to generate ALL
possible 20 character combinations you can possibly think of, in
say.. 10-15 minutes. Likely, less. Honestly. The time required to go
and test them will depend on how quickly I can issue the new password
to be tested to the host/program asking for it. And, that's about the
only real limit there is with your examples.

IE: your advice isn't sound and should be ignored because it's only
useful for SIMPLE dictionary based attacks that rely on common words.
A modified dictionary attack that can link various words and maintain
upper/lower case caps, etc, won't be fooled by your suggestions,
either.

The only possible defense your advise offers against either of the
aforementioned algorithms is a limit by the host/program that's
asking for the password. If it will let me try until I get it, you're
****ed two ways from sunday. Especially with the samples you've
provided so far.

Stick to what you actually seem to know about.. ok? leave the hacking
stuff for those of us who've been there and done it.

--
MID:
Hmmm. I most certainly don't understand how I can access a copy of a
zip file but then not be able to unzip it so I can watch it. That
seems VERY clever!
http://al.howardknight.net/msgid.cgi?ID=145716711400
Reply With QuoteReply With Quote