Date: Sat, 6 May 2017 21:20:18 -0400 From: Rich Rumble <richrumble@...il.com> To: john-users@...ts.openwall.com Subject: Re: Max characters for password candidates (NTLM) and others On Thu, May 4, 2017 at 5:56 PM, magnum <john.magnum@...hmail.com> wrote: > On 2017-05-04 23:44, Frank Dittrich wrote: > > Am 04.05.2017 um 23:27 schrieb magnum: > >> The NT formats have a max length of 27 *characters* (for performance > >> reasons). > > > > The 27 character limit isn't really a hash format limitation, but a > > limitation of John's NT format implementation, ist that correct? > Correct. Off the top of my head, the actual maximum in Windows is 255 > characters. > > In theory, perhaps, but in practice 127 (max)for most users passwords. https://technet.microsoft.com/en-us/library/cc512606.aspx "Internally, Windows represents passwords in 256-character UNICODE strings. The logon dialog is limited to 127 characters, however. Therefore, the longest password that can be used to log on interactively to a computer running Windows is 127 characters. Theoretically, programs such as services can use longer passwords, but they must be set programmatically because the password change dialog will not allow a password longer than 127 characters." Just my .02 :) -rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.