Results 1 to 3 of 3

Thread: Ergonomic password guessing.

  1. #1
    Member whitelisted's Avatar
    Join Date
    Feb 2010
    Posts
    72

    Default Ergonomic password guessing.

    The other day, I watched a friend of mine unlock his company blackberry phone so that he could read a message he had just received.

    The company uses a BES to enforce a password complexity policy that requires the unlock code to contain at least one digit or special character, and it also enforces a screen lock after only a few minutes, meaning that this friend of mine is constantly having to enter his unlock code to get at his mail.

    Because smartphones have stupid little keyboards that are frustrating to use, and because of the password complexity policy, my friend had picked an unlock code that was quick and convenient to enter.

    Basically, every digit and special character requires you to make two different keypresses except for zero, which has it's own key in the lower left of the keypad next to the spacebar.

    What my friend did was put one thumb on the zero key and the other thumb on the 'p' button, which is in the top right corner, and to alternate keypresses until he reached the minimum passphrase length.

    We know that people are lazy and forgetful when it comes to picking passwords - that's why wordlists are so successful. What I hadn't really thought about until yesterday was how frustrating little keyboards like the ones on smartphones could lead to passwords that were strong against the usual wordlists, but which would be very vulnerable to a wordlist that was tailored towards specific keyboard layouts.

    I've done some googling on the idea and come up with very little. Surely this is something that others have thought of? has anyone on these forums perhaps read something somewhere that they can point me towards?

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: Ergonomic password guessing.

    Sorry if I don't "get it" but what exactly is the question? Are you wanting thoughts on password complexities or made passwords tailored to blackberries et. al. or something else?

  3. #3
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    12

    Default Re: Ergonomic password guessing.

    He's just talking about, how making a special wordlist for smart phones which use the vulnerability of people being to lazy for creating solid passwords. But im pretty sure that most of the current wordlists are more then able to suit your bruteforcing needs even for smart phones.

Similar Threads

  1. password
    By hollabit in forum OLD BackTrack 4 (pre) Final
    Replies: 10
    Last Post: 09-10-2009, 07:22 AM
  2. password guessing dictionaries
    By humbleman in forum OLD Newbie Area
    Replies: 3
    Last Post: 07-29-2009, 09:17 PM
  3. which password?
    By personne in forum OLD Newbie Area
    Replies: 1
    Last Post: 03-02-2009, 04:42 PM
  4. Xploitz Master Password Collection.rar - password
    By ardhjuna in forum OLD Newbie Area
    Replies: 10
    Last Post: 07-02-2008, 01:49 PM
  5. Bad Password?
    By krubb in forum OLD Newbie Area
    Replies: 6
    Last Post: 03-13-2007, 02:01 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •