<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: AOL passwords

AOL passwords

From: Jacob McMaster <jmcmaster_at_appliedsystems.com>
Date: Wed, 1 May 2002 09:41:42 -0500

I don't know if anyone has said this but, AOL allows you to use a 8+
character password, but when signing in it will only check the first 8
character and then it doesn't matter if you type the rest of the password or
type the rest of it wrong it will let you in that account. Also their
access to your email via the web, it will actually tell you its the wrong
password if your password is over 8 characters and you type the whole thing
in, you have to type only the 1st 8 characters to get into it. Not sure
this is a major issue, but would make the cracking process eaiser for
someone if they know there is a max of 8 characters needed.
Received on May 01 2002

This message: [ Message body ]
Next message: Dave Booth: "Re: XP Screen Saver password uses Old password until logout or New one is used."
Previous message: Andy Wood: "[Fwd: FW: XP Screen Saver password uses Old password until logout or New one is used.]"
Next in thread: Erik Parker: "Re: AOL passwords / crypt() and online brute forcing"
Reply:(deleted message) Erik Parker: "Re: AOL passwords / crypt() and online brute forcing"
Maybe reply: TUTTLE, TERESA A (SBCSI): "RE: AOL passwords"
Reply: Remington Winters: "Re: AOL passwords"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos