[SGVLUG] Login Question
Thomas Moore
thomasmoore at speakeasy.net
Wed Oct 30 09:28:39 PDT 2013
On 10/29/2013 11:11 PM, Doug wrote:
> well I'm not a mr. katz but i'll take a crack at it...brute force attacks
> against passwords usually refer to offline attacks; that is, where the attacker
> has your encrypted password stored and is trying to decrypt it so they can login
> to a site and impersonate you. Any sane system will lock out an attempt to do
> that online (hence the normal user lockout after a few tries, they think you're
> trying to break in) and even if an attacker had unrestricted access to try and
> login to a server by using every possible combination of characters, that attack
> is going to be impractically slow.
>
> Rob Wilcox <e320r837i4031j316 at yahoo.com> wrote:
>
> How do brute-force attacks work
> whereas legitimate users are locked out after 2 or 3 failures?
>
> This is Robert and one of my non Linux friends asked me this question above.
> If and when Mr. Katz has free time could you answer this?
> If not then answer at our next SGVLUG in Nov.
>
> Thanks!
How do they get your encrypted password?
Tom
More information about the SGVLUG
mailing list