Re: frustrate shouldservers

[Jude DaShiell <jdashiel@xxxxxxxxx>]

I will write this much about rainbow dictionaries and no more.  Where 
security is a high priority passwords for the last few years have been 
too long for rainbow dictionaries to crack them.  The dictionaries would 
have to be too large and smartcards are used to enter credentials.
I think there's a program called makepwd available too that can help 
with password generation too.

On Fri, 3 Feb 2017, Janina Sajka wrote:

> Date: Fri, 3 Feb 2017 12:35:04
> From: Janina Sajka <janina@xxxxxxxxxxx>
> Reply-To: Linux for blind general discussion <blinux-list@xxxxxxxxxx>
> To: blinux-list@xxxxxxxxxx
> Subject: Re: frustrate shouldservers
>
> Sure, but how long to try each of those against any particular address?
>
> When I was still open over IPv4, you'd be blocked by denyhosts after
> just a handful of tries, unless you also managed to attack from
> different IP addresses. Hardly anyone is able to do that over a /24, let
> alone a /16 or /8.
>
> Now, if I could just find a SIP to PSTN gateway service provider that
> supports IPv6 and would allow me to port in a PSTN number I've had for
> over 20 years ...
>
> Eric Oyen writes:
> > well,
> > you could also use a little linux utility called "pwgen". It can generate short or very long sequences of characters for passwords (the last time I tried, I created a rainbow dictionary from password strings that started at 3 characters and ended somewhere around 50 long. The dictionary I created was over 2 terabytes big. the password strings contained every character that can be directly accessed on a US 112 key keyboard.
> >
> > combine that with jack the ripper, and I had the ultimate password cracking suite. :)
> >
> > -eric
> > from the central office of the Technomage Guild
> >
> > On Feb 2, 2017, at 10:03 AM, Jude DaShiell wrote:
> >
> > > When using a password generator it can help to pick a password from a list shown but not key it in or store it in the same way it appears on the screen.  Several scrambling possibilities exist probably only limited by the imaginations of those picking the new passwords.  It's just a matter of picking a system and using it.  One could also store the password on paper in the way it appears on the screen but then enter it differently when put into use.  Even if someone found your password information they'd be frustrated that way.
> > > Another possibility would be to generate a longer password string than you'll use and pick a subset of the characters in the string to enter for a password.
> > > These I consider possible instances to have fun at the expense of shoulderservers and anytime anything can be done at their expense I consider a good day's work.
> > >
> > >
> > >
> > > --
> > >
> > > _______________________________________________
> > > Blinux-list mailing list
> > > Blinux-list@xxxxxxxxxx
> > > https://www.redhat.com/mailman/listinfo/blinux-list
> >
> >
> > _______________________________________________
> > Blinux-list mailing list
> > Blinux-list@xxxxxxxxxx
> > https://www.redhat.com/mailman/listinfo/blinux-list

--

_______________________________________________
Blinux-list mailing list
Blinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/blinux-list