Send password over TCP connection

Dan Stromberg strombrg at dcs.nac.uci.edu
Tue Oct 11 02:27:06 CEST 2005


On Tue, 11 Oct 2005 01:21:55 +0200, Michael Ströder wrote:

> Dan Stromberg wrote:
>> [quoted text muted]
> 
> http://www.faqs.org/rfcs/rfc2945.html
> 
> Ciao, Michael.

OK, thanks for the reference.

I guess I neglected to stress that we're talking about using random
strings of characters, not dictionary words or other weak forms of
user-chosen passwords.

Is there something easily attacked about the original algorithm, if you
use a long, quite random password in combination with a hash algorithm
that hasn't been broken?

If you look over my fallback-reboot package at:
http://dcs.nac.uci.edu/~strombrg/fallback-reboot/ you'll see that there's
a small python script that generates a 32 character hex string for the
passwords.

I suppose I probably should rewrite it to not use whrandom though.

Thanks!





More information about the Python-list mailing list