Swiss Researchers Exploit Windows Password Flaw

Posted by timothy on Wednesday July 23, 2003 @03:22AM from the sigh dept.

Bueller_007 writes "CNET is carrying an article about a new (albeit simplistic) method used to hack alphanumeric Windows passwords in a matter of seconds, rather than minutes. To blame is a 'weakness in Microsoft's method of encoding passwords.' According to the authors, the same method, when used on Mac OS X, Unix and Linux boxes, however, could require either 4,096 times more memory or 4,096 times longer." A few more details: Mister.de writes "As an example we have implemented an attack on MS-Windows password hashes. Using 1.4GB of data (two CD-ROMs) we can crack 99.9% of all alphanumerical passwords hashes (2 37 ) in 13.6 seconds whereas it takes 101 seconds with the current approach using distinguished points. We show that the gain could be even much higher depending on the parameters used. This was found at the Cryptography and Security Laboratory of the Swiss Federal Institute of Technology in Lausanne (EPFL)."

3 of 519 comments (clear)

Min score:

Reason:

Sort:

Re:This is why... by Creepy+Crawler · 2003-07-23 03:32 · Score: 0, Offtopic

All you need is gelatin ;-)
--
- Mod parent up! by Anonymous Coward (Score:1) Thurs, Nov 31, @13:37
Original Source by gandalf013 · 2003-07-23 03:35 · Score: 0, Offtopic

Original post on Google Groups. People might like other posts by Egg Troll too.
Re:Company Memo: New security procedures. by ceejayoz · 2003-07-23 08:38 · Score: 0, Offtopic

Jane Roe: Roe v. Wade was a fraud

Judge: I don't give a shit if your opinion on the matter changed when you became a fundie, the legal basis for the decision remains. STFU.