Re: Great password
Okay, students, we've looked at the brute force method, now let's look at a slight improvement on that approach.
The English language has 1,025,110 words, more or less. This means that for Anderson's formula, the value of 'N' just got really small.
Anderson’s Formula P>=TG/N
P – Probability of guessing a password
T – Time
G – No. of guesses in a time period
N – No. of possible passwords
So going back to our example of the likelihood of cracking a password in less than a year, we have:
P >= ((3.1536*10**7)*50000)/(52**50) // old calculation with very large denominator
P >= ((3.1536*10**7)*50000)/(1025110**9) // new calculation with very small denominator
P>= 1.54*10**(-3) which is 1.54%
This looks ominous because by making a very small change to the search algorithm, with no other information than that the password consists of English language words, we get a dramatic increase in the probability of breaking the password. If we know that the password is a list of names (people and places) then it comes down far faster. We can easily approach 100% chance of success just by learning a bit more about the person we wish to crack. One trivial modification is to only check words with the first letter capitalized, which changes (1025110**9) to ~(505022**9).
For example, here is a list of towns that I have lived in since I was 21 as a password:
ButteSaltLakeCityRedmondKentBellevueBeaverton
Heck, I could also toss in a zip code or two. However, a local sysadmin, who may have access to my resume in the HR database, would know to make these place names a priority (along with names of references, relatives, etc.).
__________________
I refuse to belong to any organization that would have me as a member.
~ Groucho Marx
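An added example, not part of the original post: a defender-side strength estimate that applies Anderson's formula to the smaller of the per-character and per-word search spaces, using T and G from the post. The priority word list is constructed for illustration, and the function names are hypothetical.

```python
import math

T = 3.1536e7      # seconds in a year (from the post)
G = 50_000        # guesses per second (from the post)

# Constructed priority list: the kind of personal terms the post says a
# resume would reveal. Its size is what sets N for a word-based search.
PRIORITY_WORDS = {"Butte", "SaltLakeCity", "Salt", "Lake", "City",
                  "Redmond", "Kent", "Bellevue", "Beaverton", "Seattle"}
PASSWORD = "ButteSaltLakeCityRedmondKentBellevueBeaverton"

def segment(password, words):
    """Fewest list entries that spell password exactly, or None."""
    best = [None] * (len(password) + 1)   # best[i] covers password[:i]
    best[0] = []
    for i in range(1, len(password) + 1):
        for j in range(i):
            if best[j] is None or password[j:i] not in words:
                continue
            cand = best[j] + [password[j:i]]
            if best[i] is None or len(cand) < len(best[i]):
                best[i] = cand
    return best[-1]

def log10_keyspace(password, words, alphabet=52):
    """log10(N), taking the cheaper of the two search strategies."""
    per_char = len(password) * math.log10(alphabet)
    tokens = segment(password, words)
    if tokens is None:                    # not built from listed words
        return per_char
    return min(per_char, len(tokens) * math.log10(len(words)))

def anderson_bound(log10_n, t=T, g=G):
    """P >= T*G/N, computed in log space and capped at 1."""
    return min(1.0, 10 ** (math.log10(t * g) - log10_n))

if __name__ == "__main__":
    naive = len(PASSWORD) * math.log10(52)
    print("tokens:", segment(PASSWORD, PRIORITY_WORDS))
    print("per-character bound: %.3g" % anderson_bound(naive))
    print("priority-list bound: %.3g" %
          anderson_bound(log10_keyspace(PASSWORD, PRIORITY_WORDS)))
```

A password policy check can use the same idea in reverse: reject a candidate when its word-based bound, measured against a list of the user's known personal terms, exceeds an acceptable threshold.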