[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 25 Aug 2010 13:16:27 +0200
From: Simon Marechal <simon@...quise.net>
To: john-users@...ts.openwall.com
Subject: Re: Statistics - Real World
Le 25/08/2010 03:28, Rich Rumble a écrit :
> I am going to ask my friend to help write up something in php in the hopes that
> it will be useful perhaps to others. Maybe Markov stat files do something like
> this already and it could be adapted/expanded, I've not used that mode
> yet, but I
> am going to sometime soon.
Markov stats of your passwords would be interesting to me, with the
vanilla stats file and with stats file you could have trained on your
corpus.
My "real world" passwords were usually REALLY weak. In organisations
where stronger policies were set, all users tended to share the same
passwords. Even worse, when a default password was provided and users
were invited to change it at first login, they usually selected a
password that looked alike. When there is an expiration policy, they
just appended numbers. The only hard passwords were for admin passwords,
with the exception of application passwords (backup/backup for the win).
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
