On 30 Sep 1998, Ole J. Tetlie wrote: >The simplest approach: Get the encrypted password from >/etc/passwd or /etc/shadow. (If you use shadow you shan't be >able to read it without being root - a good thing). >Then you just start generating all combinations of legal >passwords, crypt'ing them and checking against the >encrypted password. You will probably not be able to do >this in a reasonable amount of time if the password is eight >characters, not even with a C program. If you use a password >with for example four characters it shouldn't take much more than >a couple of minutes (rough estimate).
the simplest approach is more likely to be this: 1) get Alec Muffett's wonderful Crack program 2) compile, configure and go make coffee Alec also distributes a CrackLib library which can be used to assist in forcing users to choose secure passwords. - dave -- | oOOooO / --| oOobodoO / [EMAIL PROTECTED] --| ooOoOo / | II / "Rocky Road," croaked the toad. | II /
