Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 22 Nov 2014, 11:41
All times are UTC - 4
 Forum index » Off-Topic Area » Security
How to increase the security!
Post new topic   Reply to topic View previous topic :: View next topic
Page 4 of 4 [47 Posts]   Goto page: Previous 1, 2, 3, 4
Author Message
01micko


Joined: 11 Oct 2008
Posts: 7841
Location: qld

PostPosted: Wed 26 Sep 2012, 20:32    Post subject:  

Barkin wrote:
Just remembered Puppy can calculate MD5 via console (aka terminal) ... http://puppylinux.org/wikka/md5sum

http://www.puppylinuxfaq.org/how-to/20-linux-tips/44-copy-and-paste-to-terminal.html


Just two points I'd like to make here:

1. There is the chance of error when you put your text into a file and run md5sum. There can be no whitespace on the end of the string or carriage returns. If you produce it using "echo" you must use /bin/echo, that is, echo -n.

2. If you store that file then there isn't much point! An attacker could easily get hold of the file.
You can run md5sum from stdin like so:
Code:
# echo -n '5&kr&t'|md5sum
5622165cab4eb0217daa09f574bd3c3d  -
capture24653.jpg
 Description   
 Filesize   55.31 KB
 Viewed   255 Time(s)

capture24653.jpg


_________________
Woof Mailing List | keep the faith Cool |
Back to top
View user's profile Send private message Visit poster's website 
Barkin


Joined: 12 Aug 2011
Posts: 742

PostPosted: Thu 27 Sep 2012, 04:22    Post subject:  

01micko wrote:
2. If you store that file then there isn't much point! An attacker could easily get hold of the file.
You can run md5sum from stdin like so:
Code:
# echo -n '5&kr&t'|md5sum
5622165cab4eb0217daa09f574bd3c3d  -


That was just to show the MD5 calculators were in agreement, I did say not to write down the salt 5&kr&t ...
Barkin wrote:
... the real passwords are MD5s of those words in quotes plus a secret string of characters I have committed to memory and never write down, e.g. 5&kr&t

It's the only thing you have to memorize to have an unlimited number of secure passwords.
BTW I use something longer than 5&kr&t as a salt : I use a 15 character string not in the dictionary,

So even if someone knows my list of dummy passwords and the method I've used they will still have to do a brute force attack on a 15 character unknown which could take some time ...

Quote:
It would take a desktop PC about 157 billion years to crack your [15 character] password

http://howsecureismypassword.net/

Quote:
Time Required to Exhaustively Search this [15 character] Password's Space:
Online Attack Scenario:
(Assuming one thousand guesses per second) 1.49 hundred thousand trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 1.49 billion centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 1.49 million centuries
Note that typical attacks will be online password guessing
limited to, at most, a few hundred guesses per second.

https://www.grc.com/haystack.htm

The above times do not include the additional time taken to calculate the MD5 for each guess: MD5 (DummyPassword+BruteForceGuess).
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 4 of 4 [47 Posts]   Goto page: Previous 1, 2, 3, 4
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0498s ][ Queries: 12 (0.0043s) ][ GZIP on ]