On Mon, 2 Jun 2003 05:30 pm, Derek Fountain wrote:
As a matter of interest, has anyone on the list tried running John the Ripper on their password file? I just tried mine, and was rather alarmed!
Had to do that a while ago using "crack" against 1200 crypted paswords. Got 10% immediately and almost 1/4 of them in a few days. Probably par for the course. We set crack based password checking (it's instantaneous while you know the unencripted string) loaded all the cracked passwords into the dictionary explicitly and set them to expire... Computing power is scary these days, always go into security and set MD5 encription. -- Michael James michael.james@csiro.au System Administrator voice: 02 6246 5040 CSIRO Bioinformatics Facility fax: 02 6246 5166