Date: Thu, 11 Jun 2015 10:47:06 -0400 From: Rich Rumble <richrumble@...il.com> To: john-users@...ts.openwall.com Subject: Re: PRINCE mode: sequence of generated passwords On Thu, Jun 11, 2015 at 4:32 AM, Frank Dittrich <frank.dittrich@...lbox.org> wrote: > How hard would it be to implement another sequence (controlled by an > additional --prince-* option)? > The alternative sequence should assume that words on top of the password > list are more likely. Most of my wordlists are sorted by alphabet, I know most peoples are probably too. > Another alternative would assign a weight to each word (depending on the > position in the word list), and then generate the sequence according to > the total weight (e.g., the sum of weight of each word). > This might be harder to implement efficiently, but would prefer > combinations of two words over combinations of three words. I've postulated about something like this in the past, I didn't expound on it, and this was before Prince was a thing, and then when it was :) http://www.openwall.com/lists/john-users/2012/11/16/10 http://www.openwall.com/lists/john-users/2014/12/10/5 The users I train for Security Awareness, I tell them to use misspellings and homophones and length, and it's harder for me to crack them next quarter. https://xinn.org/blog/Choosing-Stronger-Passwords.html -rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.