[plug] Is Red hat truly flawed?
The Thought Assassin
assassin at live.wasp.net.au
Tue May 2 16:31:38 WST 2000
On Tue, 2 May 2000, Christian wrote:
> On Tue, May 02, 2000 at 01:10:01PM +0800, Scott, Simon wrote:
> > So he got the password file... and???? any site that maintains normal
> > password checking means that brute force dictionary attacks are
> > rendered virtually useless...
> I doubt that most sites actually do this on a regular basis. If you can
> get the shadow password file then you're probably going to break a small
> but significant number of accounts. It's a pity that bcrypt hasn't been
> ported to Linux.
And bcrypt stops you from encrypting your dictionary how?
-Greg
More information about the plug
mailing list