[Packet-ninjas-syn-k1ck] Re: [Dshield] Password Strength

Frank Knobbe frank at knobbe.us
Tue Oct 19 20:22:43 GMT 2004


On Tue, 2004-10-19 at 15:10, Thomas Torgerson wrote:
> ouch!...
> In this case, OTP is the only way to go...

Not necessarily. The existing rainbow tables are only for a 14 char key
space. Windows can be configured to handle passwords up to 127 chars in
length. So just by adding a few more characters you already create a
password that these tables cannot break. (See recent passphrase
discussion in various mail lists).

With each additional character, the rainbow tables would require 67 more
choices (then multiply by the hash length and add a few bytes overhead).
15 chars = 67 * 25 GB
16 chars = 4489 * 25 GB
17 chars = 300763 * 25 GB

etc.

Regards,
Frank

PS: Feel free to quibble about bytes if my math skills are off :)
