Thread: 5 byte passwords cant be cracked
May 5th, 2010, 01:21 PM #1
5 byte passwords cant be cracked
using A-Z, a-z, 0-9, and Winzip's 256-Bit encryption.
1 character password has 62 possible combinations. It should take a pw cracker 1/2sec to crack.
2 - 3906 - 32secs
3 - 242234 - 34m
4 - 15018570 - 1d10hr
5 - 931151402 - 3 years, 5 months[assuming pw length is unknown, and the pw is the last combination tried]
Adding symbols & space, character set length = 95,
min.pw length=1, max pw length = 4, pw will have 82,317,120 possible combinations. It should take 63days12hrs to crack a Winrar file encrypted with it.
Thus, what's the point of above a 4 character pw?
From Winzip's help file: "In fact, taking maximum advantage of the full strength of AES encryption requires a password of approximately 32 characters for 128-bit encryption and 64 characters for 256-bit encryption."
Certainly, no one can memorize 32 random characters, if using caps, symbols, spaces, etc.
256-bits takes twice as long to crack as 128-Bits. Strangely, using same 2 character pw:winrar - 128-bit - 3m
winzip - 256-bit - 20secs
Winrar's encryption algorithm[eventhough it is 128-bit] is stronger than Winzip's[256-bit].
NIST recommends 80-bits for the most secure passwords, which can nearly be achieved with a 95-character choice (e.g., the original ASCII character set) with a 12-character random password (12 x 6.5 bits = 78).
On a single computer, using brute force, 500,000 passwords per second: length of the password: 8,
character set: all printable ASCII characters(95), 4463 years to crack.
Last edited by Gomar; May 6th, 2010 at 10:42 PM.
May 5th, 2010, 01:46 PM #2
- Join Date
- Mar 2003
- Joplin, MO
- Blog Entries
...Good job, friend-of-friends!
May 5th, 2010, 02:38 PM #3
- Join Date
- Oct 2001
sounds like a cut and paste spam
Last edited by vass0922; May 5th, 2010 at 02:41 PM.Helicopters don't fly; they vibrate so much and make so much noise that the earth rejects them.
May 5th, 2010, 08:37 PM #4
May 5th, 2010, 09:25 PM #5
IF the password was truly random, you would be right. The problem is people DONT use random characters. Almost everyone uses common words/combinations that are easily guessed, or are at the beginning of certain sequences.
3 examples (I worked for 2 of them, and I was proving to my neighbor he needed to do better) - I once worked at a church where the secretaries' password was "Jesus"(It took me 3 tries - God, Father, Jesus, the next 2 would have been Holy, and Bible), When I did temp work for some companies about a decade ago, an admin thought he was brilliant because he used the password "sex god" it took me 18 tries while talking to him, in his office to get the password. My next door neighbor thought he had a TOUGH password for his wireless net - it took me less than 4 minutes to get into his network because he retired from being an Arbys manager(his was 1rbys) dead simple and like my 10th try. IF you havent figured it out yet - many people are stupid when it comes to security. Most assume hidden = inaccessible!
There are "most common passwords" lists for a reason - 99% of the people cant stay away from them.They say technology slows down for no one. I know it outruns my wallet. I figure its because my wallet isn't light enough yet.
TechIMO Folding@home Team #111 - Crunching for the cure!
dulce bellum inexpertis
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
By Joe Black in forum General Tech DiscussionReplies: 1Last Post: September 1st, 2004, 08:02 AM
By eclipsera in forum MotherboardsReplies: 2Last Post: February 18th, 2003, 08:30 AM
By ComputrMotorcycl in forum General Tech DiscussionReplies: 2Last Post: February 15th, 2003, 10:38 PM
By cyphen in forum General Tech DiscussionReplies: 5Last Post: October 7th, 2002, 08:14 PM
By sheriff in forum MotherboardsReplies: 14Last Post: December 2nd, 2001, 10:41 PM