| |
My crack versus John-the-Ripper
| feature |
John-the-ripper |
My crack |
| Search by |
Dictionnary and Human-password patterns |
Full scan |
| Brute-force |
YES
oriented by patterns |
NO
reduce search field |
| Passwords/s on P4@2.8Ghz |
12 Millions |
1500 Billions |
John-the-ripper use human-generated or human-choosen passwords weaknesses,
and when someone enter a password like '123456' or 'test4now', as I discover on our MySQL Production Server,
it was unbeatable. It still is a great tool to find password weaknesses.
But now my crack find these mysql passwords even faster than John, using different chess-game algorithms to reduce
search-windows and look for data patterns instead of only results.
A responsible sysAdmin or DBAdmin will use both to ensure passwords strength, and will ever use John-the-ripper
to check MySQL New-passwords, something that my crack couldn't do at this time.
|
|
