Comments on: Is your password safe? http://www.danlprice.co.uk/2007/11/30/is-your-password-safe/ Weblog of a cyber-geek Thu, 20 Nov 2008 07:27:49 +0000 http://wordpress.org/?v=2.6.2 By: Dan http://www.danlprice.co.uk/2007/11/30/is-your-password-safe/#comment-87 Dan Wed, 12 Dec 2007 18:40:46 +0000 http://www.danlprice.co.uk/2007/11/30/is-your-password-safe/#comment-87 Hey Adam. I was actually. However, I've just upgraded to a Virtual Private Server and didn't realise there was a master security option to prevent people from attempting to guess passwords. I have since enabled this on my server. Thanks for commenting :) Hey Adam. I was actually. However, I’ve just upgraded to a Virtual Private Server and didn’t realise there was a master security option to prevent people from attempting to guess passwords. I have since enabled this on my server.

Thanks for commenting :)

]]> By: Adam http://www.danlprice.co.uk/2007/11/30/is-your-password-safe/#comment-86 Adam Wed, 12 Dec 2007 04:42:49 +0000 http://www.danlprice.co.uk/2007/11/30/is-your-password-safe/#comment-86 Hey Dan. I saw that you said cpanel does not lock you out after failed attempts. You are talking about the regular cpanel that most web developers would use? (Who knows I might be missing something). I know that my cpanel will lock me out after about 5 atempts. I know that because at one time I rarely logged into my cpanel and forgot my login name and password, stupid me. Hey Dan. I saw that you said cpanel does not lock you out after failed attempts. You are talking about the regular cpanel that most web developers would use? (Who knows I might be missing something). I know that my cpanel will lock me out after about 5 atempts. I know that because at one time I rarely logged into my cpanel and forgot my login name and password, stupid me.

]]> By: Dan http://www.danlprice.co.uk/2007/11/30/is-your-password-safe/#comment-82 Dan Tue, 04 Dec 2007 20:39:42 +0000 http://www.danlprice.co.uk/2007/11/30/is-your-password-safe/#comment-82 "And that any secure system would lock out a user account after 3 failed attempts within a 15 minute period?" Interesting you said that John. I thought the same thing. However, there are a number of important systems that DON'T lock users out after 3 failed attempts - for example, cPanel! However, you are right in mentioning it and I should have probably included that point in the post itself :D By the way, nice to see that new blog address of yours - I was sad not being able to read any more blog posts from you “And that any secure system would lock out a user account after 3 failed attempts within a 15 minute period?”

Interesting you said that John. I thought the same thing. However, there are a number of important systems that DON’T lock users out after 3 failed attempts - for example, cPanel!

However, you are right in mentioning it and I should have probably included that point in the post itself :D

By the way, nice to see that new blog address of yours - I was sad not being able to read any more blog posts from you

]]> By: Kyle Barron-Kraus http://www.danlprice.co.uk/2007/11/30/is-your-password-safe/#comment-81 Kyle Barron-Kraus Tue, 04 Dec 2007 02:34:12 +0000 http://www.danlprice.co.uk/2007/11/30/is-your-password-safe/#comment-81 Have you seen that thing where you can put a DVD with the Fedora Core on and then install the OS onto the PS3? It's pretty cool, and you can Dual Boot the PS3 and Fedora OS's. Have you seen that thing where you can put a DVD with the Fedora Core on and then install the OS onto the PS3?

It’s pretty cool, and you can Dual Boot the PS3 and Fedora OS’s.

]]> By: John http://www.danlprice.co.uk/2007/11/30/is-your-password-safe/#comment-80 John Mon, 03 Dec 2007 22:17:32 +0000 http://www.danlprice.co.uk/2007/11/30/is-your-password-safe/#comment-80 No comment. ;-) On a modern Windows machine, the GPU is more powerful than the CPU. It wouldn't surprise me if the same is true on a PS3 or other device. Video games demand a tremendous amount of processing power. The difference is that Windows is required to be capable of all types of general purpose computing. I'm sure video game consoles can run circles around an office computer when it comes to building a character out of polygons and shading. I'm equally sure those same video game consoles would take weeks to run a simple SQL query that takes milliseconds on a "real" computer. What type of 8 byte password is the PS3 able to break so easily? I would guess sending different guesses across the internet would be the bottle neck, instead of simple CPU power. And that any secure system would lock out a user account after 3 failed attempts within a 15 minute period? No comment. ;-)

On a modern Windows machine, the GPU is more powerful than the CPU. It wouldn’t surprise me if the same is true on a PS3 or other device. Video games demand a tremendous amount of processing power. The difference is that Windows is required to be capable of all types of general purpose computing. I’m sure video game consoles can run circles around an office computer when it comes to building a character out of polygons and shading. I’m equally sure those same video game consoles would take weeks to run a simple SQL query that takes milliseconds on a “real” computer.

What type of 8 byte password is the PS3 able to break so easily? I would guess sending different guesses across the internet would be the bottle neck, instead of simple CPU power. And that any secure system would lock out a user account after 3 failed attempts within a 15 minute period?

]]>