Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: OpenSSH Password Question
From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Mon, 11 Dec 2000 12:15:48 +0100
Assume you use strong passwords with a-zA-Z0-9 and 8 characters long
passwords. You get 36^8 possible different passwords, [...]

a-zA-Z0-9 is 62, no? So it'd be 62^8?


Yep, must have been asleep while typing. The assumption was based on
a-z0-9 or something. And yes, you are right on crypt() being 64 bits.

Silly me! :)

Anyway, looked at the bcrypt papers pointers were refering to? If the
scheme is considered to be safe by cryptographers, it's one pretty neat
idea, adding a factor of 2^cost [where cost is an variable] to the time
complexity of the algorithm.

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

             http://www.eff.org/cafe

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]