Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'still insecure' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
still insecure
Authored by: SOX on Sep 06, '05 02:08:21PM

One can subvert this as follows.
look at the modification date on the users password entry. seed this along with times close by into your algorithm and you will get a modest list of possible passwords. hash alll these and see if they match the stored hash.



[ Reply to This | # ]
Insecure no more!
Authored by: segdeha on Sep 18, '05 11:39:41PM

FYI, I've updated Make-A-Pass to get its random seed from /dev/random. Thanks for the enlightening discussion, MacOSXHints.com readers!

You can download Make-A-Pass from the following URL:

http://andrew.hedges.name/widgets/

Thanks!
-Andrew



[ Reply to This | # ]