Re: Me stupid: lost password for gpg

Subject:	Re: Me stupid: lost password for gpg
From:	casimiro barreto
Date:	Wed, 29 Dec 2004 10:57:41 -0200

Ideally, passwords should be phrases with transliterations. If you
don't use English, if you include names of places or people or
anything derived from foreign names (here we can use lots of indian
names) and a personal rule for transliteration, you can have passwords
that won't be easily cracked.


On Wed, 29 Dec 2004 17:23:03 +1100, Russell Coker <russell@xxxxxxxxxxxx> wrote:
> On Wednesday 29 December 2004 09:58, Kyrre Ness Sjobak
> <kyrre@xxxxxxxxxxxxxxxxxx> wrote:
> > man, 27.12.2004 kl. 18.01 skrev Russell Coker:
> > > On Friday 17 December 2004 08:19, Paul Iadonisi <pri.rhl3@xxxxxxxxxxx>
> wrote:
> > > >   Maybe the new dual Opteron box I just ordered can the passwords
> > > > for both our keys. ;-)
> > >
> > > I wrote a program to keys with a hacked version of gpg (at the
> > > point in the code where it asks for the pass-phrase my code inserted a
> > > loop to go through the passwords).  It's ugly but with the recent
> > > versions of gpg it works reasonably well (I discovered a memory leak
> > > whereby gpg would lose a couple of hundred bytes every attempt at a
> > > pass-phrase).
> >
> > What if it tried a dictionary first?
> 
> Using a dictionary might get a faster attack or make cracking a long password
> feasible.  But surely no-one is using a password that would be so easily
> cracked...
> 
> --
> http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
> http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
> http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
> http://www.coker.com.au/~russell/  My home page
> 
> --
> fedora-devel-list mailing list
> fedora-devel-list@xxxxxxxxxx
> http://www.redhat.com/mailman/listinfo/fedora-devel-list
> 


-- 
The information contained in this message is confidential and
intended to the recipients specified in the headers. If you received
this message by error, notify the sender immediately. The
unauthorized use, disclosure, copy or alteration of this message
are strictly forbidden and subjected to civil and criminal sanctions.

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-devel-list

<Prev in Thread]	Current Thread	[Next in Thread>
Me stupid: lost password for gpg, Hans de Goede Re: Me stupid: lost password for gpg, Kyrre Ness Sjobak Re: Me stupid: lost password for gpg, Hans de Goede Re: Me stupid: lost password for gpg, Nicolas Mailhot Re: Me stupid: lost password for gpg, Paul Iadonisi Re: Me stupid: lost password for gpg, Russell Coker Re: Me stupid: lost password for gpg, Hans de Goede Re: Me stupid: lost password for gpg, Russell Coker Re: Me stupid: lost password for gpg, Kyrre Ness Sjobak Re: Me stupid: lost password for gpg, Russell Coker Re: Me stupid: lost password for gpg, casimiro barreto <=

Previous by Date:	Re: Issue on the relationship of the three rpms, Alexander Dalloz
Next by Date:	rawhide report: 20041229 changes, Build System
Previous by Thread:	Re: Me stupid: lost password for gpg, Russell Coker
Next by Thread:	rawhide report: 20041215 changes, Build System
Indexes:	[Date] [Thread] [Top] [All Lists]