RE: [Full-Disclosure] Senior M$ member says stop using passwords completely!

[James.McKinlay@xxxxxxxxx]

>Subject: RE: [Full-Disclosure] Senior M$ member says stop using passwords 
completely!
>Date: Tue, 19 Oct 2004 15:42:17 -0500
>From: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
>To: "Pavel Kankovsky" <peak@xxxxxxxxxxxxxxxxxxxxxx>,
>   <full-disclosure@xxxxxxxxxxxxxxxx>
>
>I was under the understand that passwords of over 14 characters were
>stored with a more secure hash, therefore 14 characters passwords were
>harder to crack, due to the more secure hash. Windows will create two
>different hashes for passwords shorting than 14 characters, I do
>believe.
>
>Just use a non-printable character in your password and cracking is
>useless...if they crack it, they can't read what they cracked. ;) 

Would it not be possible to modify the cracking program to include an 
output
for the successful string that displayed like Unix/linux command 
octal-dump [ od -c ] ??

mtcw
J.


________________________________________________________________________

This E-mail transmission may contain confidential or legally privileged 
information that is intended for the addressee only. 
Any views or opinions presented are solely those of the author and do not 
necessarily represent those of CNM Limited. 
If you are not the intended recipient you are hereby notified that any 
disclosure, copying, distribution or reliance upon the contents of this E-mail 
is strictly prohibited. 
If you have received this E-mail transmission in error, please notify the 
sender immediately, so that CNM Limited may arrange for its proper delivery. 
Please then delete the message from your inbox.

This email has been scanned for all viruses by the MessageLabs SkyScan
service. For more information on a proactive anti-virus service working
around the clock, around the globe, visit http://www.messagelabs.com
________________________________________________________________________