#11
|
|||
|
|||
Re: Password Stealing
[ QUOTE ]
Writing a brute force password guessing script is not the hard part. The problem is the amount of time it would take. There's some 100 (just a guess) characters that you could use in your password. Even if you told me that your password has 8 characters, that's 100^8 = 10^16 = 10,000,000,000,000,000 different combinations. Even if you somehow managed to try a million per second, it'd still take you ten billion seconds, which is over 300 years. If they're trying to guess a password to an online site, it won't even be close to 1 million guesses per second. [/ QUOTE ] 8 hours or so for an NT password with no special characters, 24-72 hrs with, depending on length. |
#12
|
|||
|
|||
Re: Password Stealing
[ QUOTE ]
Yep. My company requires an 8-character p'word, must contain a number, a capital letter, and a special character. [/ QUOTE ] Ours is 8 characters and must contain one capital letter, one lower case letter, two number, a special character and we have to change it ever months and not use any of our last five passwords. The result of course is that everyone writes them down...very secure. [img]/images/graemlins/tongue.gif[/img] |
#13
|
|||
|
|||
Re: Password Stealing
I work graveyard shift at the Network Operations Center (NOC). We take help desk calls during that time. Our password policy is pretty new, so this is a typical call:
Client: It's not taking my password. Me: (what we said earlier) Client: wtf? |
|
|