Ophcrack Says Your Password Is Insecure 249
javipas writes "An insightful article at Jeff Atwood's Coding Horror reveals the power inside Ophcrack, an Open Source program that is capable of discovering virtually any password in Windows operating systems. The article explains how passwords get stored on Windows using hash functions, and how Ophcrack can generate immense tables of words and letter combinations that are compared to the password we want to obtain. The program is available in Windows, Mac OS and Linux, but be careful: the generated tables that Ophcrack uses are really big, and you should allow up to 15 Gbytes to store these tables."
Re:This is news? (Score:2, Interesting)
Things to note (Score:2, Interesting)
Some additional info on this topic can be seen here: http://druid.caughq.org/papers/Mnemonic-Password-Formulas.pdf [caughq.org]
Re:There's no way they're getting my password! (Score:5, Interesting)
Re:This is news? (Score:4, Interesting)
Re:This is why two factor authentication is necess (Score:5, Interesting)
-Rick
There's no need to crack the password (Score:4, Interesting)
Re:Windows is SECURE by design. (Score:3, Interesting)
Point a high-gain antenna at your window and wait for you to transmit all your precious passwords from your wireless keyboard to your ultra-secured box. Likely, your keyboard will transmit your every keystroke in "plaintext", however some wireless keyboards use encryption. It's a very weak key and can be bruted offline with minimal effort.
Sleep tight