Vulnerability of password
To understand the nature of the threat to password-based systems, let us consider a scheme that is widely used on UNIX, in which passwords are never stored in the clear. Rather, the following procedure is employed:
- Each user selects a password of up to eight characters.
- This is converted into a 56-bit value (key input to an encryption routine).
- The encryption routine is based on DES. The DES algorithm is modified using a 12-bit salt value.
- This value is related to the time at which the password is assigned to the user.
- The modified DES algorithm is exercised with a data input consisting of a 64-bit block of zeros.
- The output of the algorithm then serves as input for a second encryption.
- This process is repeated for a total of 25 encryptions.
- The resulting 64-bit output is then translated into an 11-character sequence.
- The hashed password is then stored, together with a plaintext copy of the salt, in the password file.

The salt serves the following purposes:
- It prevents duplicate passwords from being visible in the password file. Even if two users choose the same password, those passwords will be assigned at different times. Hence, the "extended" passwords of the two users will differ.
- It effectively increases the length of the password without requiring the user to remember two additional characters. Hence, the number of possible passwords is increased by a factor of 4096, increasing the difficulty of guessing a password.
- It prevents the use of a hardware implementation of DES, which would ease the difficulty of a brute-force guessing attack.
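
The storage and verification flow described above, as an added Python example that is not part of the original page. Salt-modified DES is replaced by a stand-in (SHA-256 truncated to 64 bits), so the entries are not real crypt(3) hashes; the function names, the sample passwords and the random salt in `new_entry` are assumptions.

```python
import hashlib
import secrets

# Alphabet traditional crypt(3) uses to print 6-bit groups.
ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def encode_salt(salt):
    """12-bit salt -> two characters (low 6 bits first)."""
    return ALPHABET[salt & 0x3F] + ALPHABET[(salt >> 6) & 0x3F]

def decode_salt(chars):
    return ALPHABET.index(chars[0]) | (ALPHABET.index(chars[1]) << 6)

def encode_block(block):
    """64-bit block -> 11 characters: pad to 66 bits, emit 6 bits at a time."""
    value = int.from_bytes(block, "big") << 2
    return "".join(ALPHABET[(value >> s) & 0x3F] for s in range(60, -1, -6))

def password_key(password):
    """First eight characters, 7 bits each: the 56-bit key input."""
    return bytes((b & 0x7F) << 1 for b in password.encode()[:8]).ljust(8, b"\0")

def stand_in_encrypt(key, salt, block):
    """ASSUMPTION: SHA-256 truncated to 64 bits replaces salt-modified DES."""
    return hashlib.sha256(key + salt.to_bytes(2, "big") + block).digest()[:8]

def hash_password(password, salt):
    key = password_key(password)
    block = bytes(8)                      # 64-bit block of zeros
    for _ in range(25):                   # each output feeds the next round
        block = stand_in_encrypt(key, salt, block)
    return encode_salt(salt) + encode_block(block)  # salt kept in plaintext

def verify(password, entry):
    salt = decode_salt(entry[:2])         # read the salt back from the entry
    return secrets.compare_digest(hash_password(password, salt), entry)

def new_entry(password):
    # ASSUMPTION: random salt; the page ties it to the assignment time.
    return hash_password(password, secrets.randbelow(4096))  # 2**12 salts

if __name__ == "__main__":
    alice = hash_password("hunter2", 0x123)   # constructed sample values
    bob = hash_password("hunter2", 0xABC)
    print(alice, bob, "identical:", alice == bob)
    print(verify("hunter2", alice), verify("hunter3", alice))
```

Because only the first eight characters reach the key, `password1` and `password2` produce the same entry under the same salt, which is one reason this scheme is weak by modern standards.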