|
-
January 24th, 2002, 09:34 AM
#1
Microsoft really seems to change its security policy
Check out this link 4 the proof that m$ is tightning security.
Click here
J.
What was my password again?
-
January 24th, 2002, 11:50 AM
#2
Erm... i don't get it?
script language=\"M$cript\";
function beginError(bsod) {
return true; }
onLoad.windows = beginError;
-
January 24th, 2002, 12:01 PM
#3
Your password must be at least 18770 characters and cannot repeat any of your previous 30689 passwords. Please type a different password. Type a password that meets these requirements in both text boxes.
Could you remember a 18770 char passwd?
I sure as hell couldn't!
-
January 24th, 2002, 02:23 PM
#4
Well, I'm gathering that's a bogus error. If it didn't pass the dictionary check, it would return something like "Password is based on a dictionary word" and ask for another. There are a number of reasons why this scheme wouldn't work.
1: passwords are only authenticated up to a certain length, with the most being 12 (I think). With that said, with good encryption on a *12* character alphanumeric password, it's gonna take a while to break that one. Most *nix boxes still run the usual login, which authenticates on the first 8 characters of the password, regardless of length. I don't know what MS does for this but if it's similar, then passwords greater than 8 won't be authenticated after the 8th character.
2: storage of a password that length?! Holy shite... Add in the fact that it'd be encrypted and you're storing something greater than 20k chars...riiiiiight. Once again, bogus number.
I'm guessing someone fat-fingered code at MS (big surprise there) and put in some outrageous numbers. They seem static if they posted the page with the message.
Just my two cents.
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
-
January 24th, 2002, 03:00 PM
#5
Agreed - no one can remember a 18770 character length password - that's damn near impossible. This has to be a mistake on Microsoft's part (what, how could that happen, oh my god!  ). Hell, a password with 20 characters would be hard enough to break - and it's partly feasible because I guess users could remember a 20 character password. Well, on second thought, SOME users could remember a 20 character password.
-
January 24th, 2002, 03:01 PM
#6
yeah... the article was saying that "if you get that error... here is how to fix it." it's a bug, not a new security measure. this was all stated in the article.
-
January 24th, 2002, 08:51 PM
#7
Lol! It looks to me like someone at MIT (or graduated from it) wanted to be funny... There is a reference to MIT in there, I'm not sure if they really mean something other than the university with the same Acronym, but getting that into the knowledge base would be a good "MIT Hack".
[HvC]Terr: L33T Technical Proficiency
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
