Re: Password encryption

To: Pann McCuaig <pann@oz.net>
Cc: Oliver Elphick <olly@lfix.co.uk>, Debian Users <debian-user@lists.debian.org>
Subject: Re: Password encryption
From: Matthew Dalton <matthewd@research.canon.com.au>
Date: Thu, 04 Nov 1999 13:08:47 +1100
Message-id: <[🔎] 3820EAAF.81D6C75C@research.canon.com.au>
References: <[🔎] 19991102141813.A1447@linhax.dhs.org> <[🔎] 3820C9FD.57C079D6@bdsinc.com> <jjorgens@bdsinc.com> <[🔎] 199911040040.AAA18244@linda.lfix.co.uk> <[🔎] 19991103174829.B5652@desktop.ourmanpann.com>


Pann McCuaig wrote:
> 
> On Thu, Nov 04, 1999 at 00:40, Oliver Elphick wrote:
> 
> > Strictly, password encryption is authentication, rather than encryption,
> > because password encryption is one-way: you cannot decrypt a password.
> 
> Well, yes, but . . .
> 
> What do you call "discovering" a weak password using the tools created
> for that purpose?

These tools do not decrypt passwords. They perform a `dictionary attack`
- they take words from a list and encrypt them. If the encrypted
password matches the one in the password file, the password is cracked.

It's a bit more complicated than this, but this is basically how they
work.

Matthew

Reply to:

References:
- Password encryption
  - From: Sami Dalouche <debian@ifrance.com>
- Re: Password encryption
  - From: "Jens B. Jorgensen" <jjorgens@bdsinc.com>
- Re: Password encryption
  - From: "Oliver Elphick" <olly@lfix.co.uk>
- Re: Password encryption
  - From: Pann McCuaig <pann@ourmanpann.com>

Prev by Date: Re: Potato Hostname Vs NIS conflict
Next by Date: Re: debian-user-digest Digest V99 #1907
Previous by thread: Re: Password encryption
Next by thread: Re: Password encryption
Index(es):
- Date
- Thread