S/Key and OPIE
Florin Andrei
florin at andrei.myip.org
Sun Dec 25 19:03:23 UTC 2005
On Sun, 2005-12-25 at 05:43 +0500, Sergey wrote:
> Also, is Fedora willing to change from MD5 password crypts? It appears be very
> weak against brute-force attacks - I cracked *ALL* my system/user password
> (~20) within a night (got plain-text passwords) with a help of jack and a
> simple shell script.
All encryption algorithms are equally vulnerable against non-crypto
attacks such as brute force. You're not attacking the encryption per se.
> (*) Keep this in mind - once I own you /etc/shadow file, I know all your
> *REAL* passwords.
Obviously.
--
Florin Andrei
http://florin.myip.org/
More information about the users
mailing list