23 Mar
2022
23 Mar
'22
1:29 p.m.
On 23/03/2022 12:18 mj lists@merit.unu.edu wrote:
Op 23-03-2022 om 11:11 schreef Aki Tuomi:
Well, is the sha1 value same every time? If it is, then they are trying same password each time.
Aki
Yes, understood. :-)
The SHA1 changes, but each SHA1 is tried multiple times.
The question is: can we find out, just for this specific user, WHAT the attempted passwords are?
- Try hashing possible password candidates and compare
- Temporarily log everyone's passwords and then sanitize logs after you're done.
No way to enable that option for a single user.
Aki