big word listing
Bill Stewart
stewarts at ix.netcom.com
Fri Jul 21 12:32:40 PDT 1995
>| As a security measure, I am trying to get a massive dictionary of words
>| together, and each time a user changes his/her password, it checks the
list to
>| see if the password is in it. My question is, are there any pre-built
lists of
>| this nature? I am currently only using a spelling dictionary, and would like
>| something a little bigger.
>
> Look on coast.cs.purdue.edu in the password/Crack areas.
There are also Grady Ward's Moby Words and related moby-listings, though
things like Crack will probably do a more thorough job of variants like
word, drow, w0rd, word0, drow0, word1, 0word, 1word, word1word, etc.
which people use to complicate their passwords.
Caveat: If you're building it on Unix, _don't_ set up the command to
take the proposed password on the command line, e.g. "checkpass foobar2",
since that makes it visible to anyone who runs ps. Feed it through stdin,
or set it as a variable and fork, or something like that.
And remember that binary searches are _far_ faster than reading whole
dictionaries,
and hashes are even faster if you're willing to preprocess more.
#---
# Thanks; Bill
# Bill Stewart, Freelance Information Architect, stewarts at ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
More information about the cypherpunks-legacy
mailing list