Quote:
Originally Posted by Kristi
That was the point, the hash is stolen through a cookie, and no, it's not just brute force, you can use cryptology, which is faster. For many of us the password on the forum is the same as our account, so you, as administrators, should have it different, and probably change so often.
The data in the cookie is using one-way encryption. There is no formula to get back the original password.
The only way is to try all combinations until you find the right one. It usually takes one or two months.
People will first try dictionaries, searching for common words. After that, they will try simple combinations.
Use a password with random symbols, such as d8@m^x!v\a. Bruteforcers will need a lot of time to find it. Change it every month, and they won't be able to find it before you change it.
But the best way: always be careful, and don't open weird links (always look at the status bar of your browser to see the real link target).
EDIT: Note that trying dictionaries or bruteforcing against the forum won't work. You probably noticed, you only have 5 tries to log in.
EDIT2: Registrations are now fixed. You can register on the forum again if you have a gold/vip account.