[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: big word listing

To: [email protected]
Subject: Re: big word listing
From: Jim Gillogly <[email protected]>
Date: Fri, 21 Jul 95 12:58:14 PDT
In-Reply-To: Your message of Fri, 21 Jul 95 13:19:39 -0500. <[email protected]>
Reply-To: [email protected]
Sender: [email protected]

> "It's supposed to crash like that." <[email protected]> writes:
> As a security measure, I am trying to get a massive dictionary of words
> together, and each time a user changes his/her password, it checks the list t o
> see if the password is in it.  My question is, are there any pre-built lists of
> this nature?  I am currently only using a spelling dictoinary, and would like
> somthing a little bigger.

Yes, there are -- see ftp.ox.ac.uk for a lovely set of them.  This is a
reasonable approach, but it's insufficient: you also need to check lots of
variants on the words.  I'd suggest looking at the code in Programming
Perl (Larry Wall and Randal L. Schwartz) for checking potential
passwords, and I'd suggest looking at the initial ruleset used by Crack,
the Unix password cracking tool; the same rules should be good for any
kind of password scheme.

Also you should be aware that cracking passwords is passe' these days:
it's much easier to run an ethernet sniffer and gather them wholesale.
Every little bit helps, though.

	Jim Gillogly
	Sterday, 28 Afterlithe S.R. 1995, 19:54

References:
- big word listing
  - From: "It's supposed to crash like that." <[email protected]>

Prev by Date: Re: The OS wars and DOOM...
Next by Date: Re: big word listing
Prev by thread: Re: big word listing
Next by thread: Re: big word listing
Index(es):
- Date
- Thread