[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Password encryption

On Wed, 3 Nov 1999, Pann McCuaig wrote:

 : On Thu, Nov 04, 1999 at 00:40, Oliver Elphick wrote:
 : > Strictly, password encryption is authentication, rather than encryption,
 : > because password encryption is one-way: you cannot decrypt a password.
 : Well, yes, but . . .
 : What do you call "discovering" a weak password using the tools created
 : for that purpose?

Reverse engineering - the "tools created for that purpose" simply hash
strings and compare the result to whatever is stored in /etc/passwd (or
hopefully /etc/shdow); once you have a match you have presumably
discovered the password.

Nathan Norman
MidcoNet  410 South Phillips Avenue  Sioux Falls, SD
mailto:finn@midco.net           http://www.midco.net
finger finn@home.midco.net for PGP Key: (0xA33B86E9)

Reply to: