![]() ![]() ![]() He passed it on to me and I finished the particulars. Here's how it went.įirst, Mark pulled a rule out of the Korelogic rule set and began to rebuild it to meet specs. Props to Korelogic for their kick as "Crack Me If You Can" password generation rules which we used as our baseline. That was the discussion that Mark Baggett of PaulDotCom and I were having when we decided to write our own JTR filters to build word lists for cracking complex passwords. What's the best way to crack these complex passwords? Brute forcing would be infeasible given a time limit, most word lists are full of patterns which don't meet the criteria, and none of JTR's built-in filters and rule sets are designed to specifically attack complex passwords. This is a complex standard used by many organizations as the minimum requirement for user passwords. 2 uppercase, 2 lowercase, 2 numbers, 2 special characters, and a minimum length of 10. Those wonderful things which motivate users to write their passwords on sticky notes and place them under the keyboard, or store them in text files on their desktop. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |