Comments on: OphCrack; forgot your password?

By: co.co

co.co — Tue, 22 Dec 2009 06:52:08 +0000

I recommend a new tool windows password reset 7.0 . It also support windows 7 password reset. And it’s the best tool i ever seen. I’m sure it is helpful for those who locked out of computer.

By: Sjeltur

Sjeltur — Thu, 14 May 2009 05:32:25 +0000

@solomon – I am not sure if I really get your question; but OphCrack is mainly to get your administrator and user passwords.

By: solomon

solomon — Wed, 13 May 2009 19:39:00 +0000

Can I crack any password with tools r it is only for a few tools that are available

By: Sjeltur

Sjeltur — Wed, 13 May 2009 16:06:07 +0000

@lvs – I didn’t see anything yet – but ya still have a couple of hours.

@pcmemoirs – thanx for checking and sharing !
As you can see in the discussion; you will need a 20 character password to let OphCrack fail.

By: pcmemoirs

pcmemoirs — Wed, 13 May 2009 06:38:09 +0000

I tested Ophcrack on a Vista laptop and it found the 6 character password within 2 minutes.

By: lvs

lvs — Wed, 13 May 2009 04:40:45 +0000

wow cool, I didnt know about this. Let me try getting the password to this blog of yours If you see a funny post here tomo, then you know who did it!

By: Rudy

Rudy — Fri, 08 May 2009 12:49:45 +0000

Nah… just don’t trust Microsoft. If someone is really concerned about security issues, relying on just a Windows password is not enough (there are tools out there that reset the password, so even with a long password you’re not safe).

In that case, use something like TrueCrypt.

By: Sjeltur

Sjeltur — Fri, 08 May 2009 12:37:54 +0000

Solution; send Microsoft an email… ROFL

Btw for people who want to make their password stronger – so ophcrack isn’t able to get it; ophcrack is working till up to 18 characters – after that you (should) are safe !!

By: Rudy

Rudy — Fri, 08 May 2009 12:30:18 +0000

I see now that I use the words ‘keylength’ and ‘keyspace’ in a somewhat liberal fashion…

To be more precise, ‘keylenght’ is the lenght of a key, expressed in the number of characters used, or the equivalent in bits used. For example, the keylenght of DES is 56 bits.

‘Key space’ is the number of possible keys, for example, DES has a keyspace of 2^56 = 72 057 594 037 927 936. This is the maximum number of keys you have to try to recover the key, if you only can use a brute force attack (simply trying all possible keys).

By: Rudy

Rudy — Fri, 08 May 2009 12:19:59 +0000

Never believe what Microsoft says, especially when it comes to security!

Let’s do some calculations…

Suppose we can pick both lowercase and uppercase characters (a-z and A-Z) for the 7 letters and all 95 printable ASCII characters for that other character. Then the keyspace (number of possible keys) is:

52^7 x 10 x 95 = 976 668 117 401 600

This is a keyspace of less than 50 bits, by all standards very weak!
It’s even less than the keyspace of DES, an old encryption algorithm with a keylength of 56 bits, and completely unsecure.

A keyspace of at least 128 bits should be recommended. If we can choose all 95 printable ASCII characters for all characters in the password, one needs to pick 20 characters at random to produce the password.