Date: Mon, 19 Nov 2012 19:14:18 +0100 From: Simon Marechal <simon@...quise.net> To: john-users@...ts.openwall.com Subject: Re: How does incremental mode works? On 11/19/2012 04:59 PM, Richard Miles wrote: >> > In most cases, you don't know how the passwords you want to crack will >> > look like. >> > In this case, the rockyou list probably is a safe bet. >> > Please note that it might not be if password policy enforces passwords >> > which are way more complicated than the average rockyou password. >> > > And what do you recommend as a dictionary to generate a stats file for > companies using password policy enforcement? This will usually not work too well. This is not a silver bullet ... You need a different model in order to account for this kind of passwords. Mangling rules are probably more effective here ... These days I do not have a good source of "real corporate passwords", I only work on the public leaks, so I really can't answer this ...
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.