11-21-2011, 11:41 AM
I completely understand why you would filter when a rule affects a password in such a way as to make it less than 8 characters and therefore unsuitable for WPA. I am very impressed with the fact you thought about that so carefully on your first release of a WPA tester to be honest. I also understand why you would filter if it exceeded hashcatplus’s 15 character limit.
What I am unsure about and I am only guessing that others would be also, is that when it comes to something that doesn’t affect the length or validity of a password (such as case) why is it filtered ?
I understand you cannot toggle the number “123†but can hashcatplus just apply the toggle rule to the characters it can in a given password and ignore the rest ?
With the filtering as it is now the password candidate “password123†using toggle2 would never produce a very common password “PassWord123â€, as it would have been rejected due to the “123â€,which seems like a shame.
I am very impressed with the filtering in general its just that I can’t work out why case changes to passwords (using toggles) would need to be filtered.
This isn’t a criticism, I am just interested as I don’t understand this. Could case toggling please be treated separately as a rule for the reasons above and not be filtered ?
Thank you.
What I am unsure about and I am only guessing that others would be also, is that when it comes to something that doesn’t affect the length or validity of a password (such as case) why is it filtered ?
I understand you cannot toggle the number “123†but can hashcatplus just apply the toggle rule to the characters it can in a given password and ignore the rest ?
With the filtering as it is now the password candidate “password123†using toggle2 would never produce a very common password “PassWord123â€, as it would have been rejected due to the “123â€,which seems like a shame.
I am very impressed with the filtering in general its just that I can’t work out why case changes to passwords (using toggles) would need to be filtered.
This isn’t a criticism, I am just interested as I don’t understand this. Could case toggling please be treated separately as a rule for the reasons above and not be filtered ?
Thank you.