passwords! (p5) / ngrams and passphrases
coderman
coderman at gmail.com
Sun Nov 17 20:07:22 PST 2013
On Fri, Nov 15, 2013 at 6:09 PM, brian carroll
<electromagnetize at gmail.com> wrote:
> ... if a password service used this principle,... 3-4 sets instead,
> themselves having special rules...
>
> [set1|set2|set3|set4]
>
> in this way, a 'rolling password' could be developed ...
this feels similar to various guided / ordered permutations strategies
that use a corpus of ngrams or words for attacking longer sequences,
like passphrases. [with or without decorating permutations like
appended numerical sequences and other common substitutions and
sequences]
the effectiveness of these in practice appears strongly bound to your
operational security. e.g. past examples of mining a user's interests
to guide successful pass word and pass phrase cracking attempts.
i keep waiting for someone to write it, alas:
'No results found for "the art of tactical password cracking"'
;)
More information about the cypherpunks
mailing list