[Dshield] Re: Passwords

Sean Waddell swaddell at espgroup.net
Tue Mar 19 15:36:47 GMT 2002

Just wanted to throw my $.01 into the mix....this is a good read from


Sean Waddell
Network Engineer
ESP Group

Ed Truitt wrote:
> That is a "feature" of the WIndows LANMAN hash, and doesn't apply to other
> password types.  MD5 password are relatively secure (I say "relatively" as
> with enough time and CPU power most any password can be brute-forced.)
> This feature of the WIndows password actually makes a 7 character password
> stronger than an 8-character password - something many IT auditors find very
> hard to comprehend :^)
> Cheers,
> Ed Truitt
> PGP fingerprint:  5368 D25E 468C A250 9833  CCD6 DBAE 9C25 02F9 0AB9
> http://www.etee2k.net
> http://www.bsatroop148.org
> "Note to spammers:  my 'delete' key is connected to YOUR ISP.
>  Also, if you send me UCE, I reserve the right to post your spew
> on my Web site, with the appropriate color commentary, so that
> others may have a good laugh at your expense."

More information about the list mailing list