Vulnerability Development: AOL passwords

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

AOL passwords

From: Jacob McMaster <jmcmaster () appliedsystems com>
Date: Wed, 1 May 2002 09:41:42 -0500

I don't know if anyone has said this but, AOL allows you to use a 8+
character password, but when signing in it will only check the first 8
character and then it doesn't matter if you type the rest of the password or
type the rest of it wrong it will let you in that account.  Also their
access to your email via the web, it will actually tell you its the wrong
password if your password is over 8 characters and you type the whole thing
in, you have to type only the 1st 8 characters to get into it.  Not sure
this is a major issue, but would make the cracking process eaiser for
someone if they know there is a max of 8 characters needed.

By Date By Thread

Current thread:

AOL passwords Jacob McMaster (May 01)
- Re: AOL passwords Remington Winters (May 01)
  - Re: AOL passwords Nexus (May 01)
- <Possible follow-ups>
- RE: AOL passwords TUTTLE, TERESA A (SBCSI) (May 01)
  - RE: AOL passwords jon schatz (May 01)