[Info-vax] password strength (Re: VMS humor)
Some Dude
dgordonatvsi at gmail.com
Thu Dec 31 15:26:50 EST 2020
On Thursday, December 31, 2020 at 1:02:59 PM UTC-5, Craig A. Berry wrote:
> On 12/31/20 12:29 AM, John Reagan wrote:
> But unless the entire phrase is in someone's password cracking
> dictionary, the fact that portions contain well-known words doesn't
> really make any difference, does it? If it did, delimiting with
> non-space characters would take care of that.
Nope. Sophisticated attacks use dictionary tokens just the same as individual letters or symbols.
Also most attacks against a compromised authorization file start with a giant database of previously-obtained password hits under the theory that there might be user overlap with a previously-compromised account and that people are lazy.
More information about the Info-vax
mailing list