Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Why use strong passwords?
Special Forums Cybersecurity Why use strong passwords? Post 302726991 by Neo on Monday 5th of November 2012 12:57:01 PM
Old 11-05-2012
Quote:
Originally Posted by Neo
According to this quick wikipedia article on password strength (FWIW):
Quote:
As of 2011, commercial products are available that claim the ability to test up to 2,800,000,000 passwords per second on a standard desktop computer using a high-end graphics processor.
Quote:
Originally Posted by jgt
Picking easy passwords allows the use of a "common password dictionary", however, even this method requires the testing be done on the target system, as not all systems use the same algorithm or seed.
A 'simple' password of 8 characters made up of only lowercase letters and digits allows 2821109907456 possibilities, which at 1000 possibilities per second still requires 32615 days to test.

Given these two quotes above, jgt's example goes from 32615 days to test to 0.0116 days to test, or a bit more than 15 minutes (around 17 minutes, I think if my math was right).

Edit: Confirmed 16.79 minutes using a high end desktop computer in 2011 per the wikipedia number in the reference
 

2 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Strong quotes and spaces

We ran into a problem because of a shop that uses Windows and UNIX. The file names that Windows uses have spaces in them. When they get moved to the unix system they still have spaces. This produces a problem in our script that moves them again from one unix system to another. I've made up a... (2 Replies)
Discussion started by: jimcampanella
2 Replies

2. UNIX for Advanced & Expert Users

When did UNIX start using encrypted passwords, and not displaying passwords when you type them in?

I've been using various versions of UNIX and Linux since 1993, and I've never run across one that showed your password as you type it in when you log in, or one that stored passwords in plain text rather than encrypted. I'm writing a script for work for a security audit, and two of the... (5 Replies)
Discussion started by: Anne Neville
5 Replies

LEARN ABOUT DEBIAN

lchage

lchage(8)						      System Manager's Manual							 lchage(8)

NAME

       lchage - Display or change user password policy

SYNOPSIS

       lchage [OPTION]... user

DESCRIPTION

       Displays or allows changing password policy of user.

OPTIONS

       -d, --date=days
	      Set the date of last password change to days after Jan 1 1970.

       -E, --expire=days
	      Set the account expiration date to days after Jan 1 1970.  Set days to -1 to disable account expiration.

       -i, --interactive
	      Ask all questions when connecting to the user database, even if default answers are set up in libuser configuration.

       -I, --inactive=days
	      Disable the account after days after password expires (after the user user is required to change the password).

       -l, --list
	      Only list current user's policy and make no changes.

       -m, --mindays=days
	      Require at least days days between password changes.  Set days to 0 to disable this checking.

       -M, --maxdays=days
	      Require changing the password after days since last password change.  Set days to 99999 to disable this checking.

       -W, --warndays=days
	      Start warning the user days before password expires (before the user is required to change the password).

EXIT STATUS

       The exit status is 0 on success, nonzero on error.

libuser 							    Jan 12 2005 							 lchage(8)
All times are GMT -4. The time now is 05:21 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy