Page 1 of 1
ErsatzPassword
Posted: Fri 22 May 2015, 17:26
by labbe5
Because data breaches are a recurring problem, ErsatzPassword could become a standard tool in business organisations. This tool will not prevent data breaches per se, but in case a data breach occurs, hackers will not be able to crack any real and usable passwords, it only will be fake ones. The technical details are in the research report. It is available here :
https://github.com/cngutierr/ErsatzPassword
I guess one of the early users will be banks because of the extra layer of security.
Posted: Fri 22 May 2015, 20:26
by Flash
Do you trust that site? There are several easy English words misspelled in the description, which leads me to suspect that something nefarious could be afoot.
Posted: Sat 23 May 2015, 02:35
by Ted Dog
the word means fake or substandard replacement.
Posted: Sat 23 May 2015, 08:23
by L18L
Flash wrote:There are several easy English words misspelled in the description,
As I don't have a spell checker at the moment, give me just two examples please.
Thank you.
Posted: Sat 23 May 2015, 15:43
by Burn_IT
cleaver revieled
It is not a well written site and given that, would you trust the software??
I certain would not.
Mind you, I don't trust ANY software that "adjusts" passwords; the whole point of which is to keep them secret not "trust" to some third party.
Posted: Sat 23 May 2015, 15:46
by Flash
[quote]ErsatzPassword is a PAM_UNIX module that utlizes (utilizes?) the Yubikey HSM to generate cryptographic password hashes in a cleaver (probably meant clever) way. If an attacker steals the hashed password file (e.g., etc/shadow, /etc/master.passwd) and attempts to crack the password via a dictionary bruteforce attack, the ersatz “fake
Posted: Sat 23 May 2015, 16:12
by amigo
ersatz has no connotation of being inferior or fake. It simply means 'substitute' or replacement.
Posted: Sat 23 May 2015, 16:46
by Burn_IT
Substitute or replacement both mean NOT original or "copy" or fake??
Fake does not necessarily imply inferior.
Posted: Sat 23 May 2015, 17:47
by amigo
I don't recall ever hearing the word fake used in an non-negative way.
Posted: Sat 23 May 2015, 19:01
by Burn_IT
I think a lot of women would argue with that.
Posted: Sat 23 May 2015, 19:48
by bark_bark_bark
amigo wrote:I don't recall ever hearing the word fake used in an non-negative way.
ಠ_ಠ
Posted: Sun 24 May 2015, 08:14
by L18L
Thank you, Flash and Burn_IT for showing the misspelled words.
Totally agreed with you:
Flawless spelling is a
necessary condition but
not sufficient. 