Home Page for the TeradataForum
 

Archives of the TeradataForum

Message Posted: Tue, 26 Aug 2003 @ 17:10:25 GMT


     
  <Prev Next>   <<First <Prev
Next>
Last>>
 


Subj:   Re: SYSECDEFAULTS
 
From:   Anomy Anom

<-- Anonymously Posted: Tuesday, August 26, 2003 13:04 -->

  This makes passwords alot more crackable.  


Doesn't this assume that you know the encryption method used by Teradata to store the passwords?

If one is going to brute force a password, then yes, having less characters to work with is a big help. But, to brute force anything, you first need to know what algorithm to use. For example, I know that Windows NT uses the RC5 (after SP6 I believe) DES algorithm to store its passwords. I can then brute force the password by using this algorithm and comparing it to the hashed password.

Anywho, it's all academic. Between sniffing network packets for ODBC passwords, shoulder surfing, or simply guessing; a cracker probably would never even need to try and crack the Teradata password.


  Does anyone know if NCR plans to beef up security.  


Teradata could be a figurative Fort Knox, but it means nothing if the users' password is "Teradata_1" (note the 'special' character :- ))


-Anomy



     
  <Prev Next>   <<First <Prev
Next>
Last>>
 
 
 
 
 
 
 
 
 
  
  Top Home Privacy Feedback  
 
 
Copyright for the TeradataForum (TDATA-L), Manta BlueSky    
Copyright 2016 - All Rights Reserved    
Last Modified: 15 Jun 2023