[SGVLUG] Login Question

Doug dougvargas at sbcglobal.net
Tue Oct 29 23:11:48 PDT 2013


well I'm not a mr. katz but i'll take a crack at it...brute force attacks against passwords usually refer to offline attacks; that is, where the attacker has your encrypted password stored and is trying to decrypt it so they can login to a site and impersonate you. Any sane system will lock out an attempt to do that online (hence the normal user lockout after a few tries, they think you're trying to break in) and even if an attacker had unrestricted access to try and login to a server by using every possible combination of characters, that attack is going to be impractically slow.

Rob Wilcox <e320r837i4031j316 at yahoo.com> wrote:

>How do brute-force attacks work 
>
>whereas legitimate users are locked out after 2 or 3 failures?
>
>
>This is Robert and one of my non Linux friends asked me this question above.
>
>If and when Mr. Katz has free time could you answer this?
>
>If not then answer at our next SGVLUG in Nov.
>
>
>Thanks!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://sgvlug.net/pipermail/sgvlug/attachments/20131029/6348b77f/attachment.html>


More information about the SGVLUG mailing list