Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20120625055845.GA8515@openwall.com>
Date: Mon, 25 Jun 2012 09:58:45 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: john --show

On Sun, Jun 24, 2012 at 07:19:39PM -0400, Brad Tilley wrote:
> Is the output of --show stable? Does it change often?

It's been stable so far.  It hasn't changed in the past 15 years, except
for wording in the cracked / left line and some subtleties in handling
of split hashes (bigcrypt, LM and the like).

> I plan to parse it
> and combine it with some policy checking routines I've written (minimum
> length, complexity checking, etc.) so when performing audits I can provide
> more details to the clients and managers receiving the reports. So rather
> than just showing, "yes, these user account passwords were cracked", I can
> show if the cracked account passwords met the existing password complexity
> policy, or not.

Sounds good.

A problem is that there's no escaping of colons that might be part of
passwords.  We'll need to add a new output mode to take care of that.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.