Re: [SILLY QUESTION] Uncrypting passwords

From: Angus Mezick (angus@EDGIL.CCMAIL.COMPUSERVE.COM)
Date: 08/27/98

This is just an example of a crapy crypt() function.  the real one does a much
better job.  there might be a small chance that you can have multiple passwords.
But i have a feeling that it doesn't happen.  The main point was that you can't
un-encrypt what crypt has encrypted, you can just make guesses at what you think
it might be and then try running it through the same crypt function to see if
the 2 crypted string match.  Grep for crypt in the code and you will see how
this works.

______________________________ Reply Separator _________________________________
Subject: Re:  [SILLY QUESTION] Uncrypting passwords
Date:    8/27/98 8:36 AM

<< :)Ok... consider this:* You think of a number. Let's say 43.
  That is your password.
* The function then possibly divides this by 12, and stores
  the remainder as X. X in this case would equal 7.
* The crypt() function returns X (which is 7) as your cryptedpassword.
This is not how crypt() actually performs, but it gives you arough
idea of how one way encryption works. You see, there is no wayon
earth you can reverse the process so that you start with 7 andend
up with your starting number (in this case 43).
Hope this makes things a bit clearer. >>

Not to be sarcastic, but im confused. When you enter your password, im
guessing it checks to see if your "number", when divided by 12, has a
remainder of 7 (much more complex in the real thing). Well, what if i
enter, say, 55, which also has a remainder of 7? does this mean you can
log in with multiple different passwords? that crypt is crappy? or that
i'm just confused?

Get Your Private, Free Email at

     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | |

This archive was generated by hypermail 2b30 : 12/15/00 PST