Thanks for your help! I was able to confirm that it does appear to be skipping dictionary words less than 8 characters, even when rules would prepend/append enough characters to create a 8+ character password.
For the password:
Yellow123456
Dictionary with “Yellow” and “Yellow1” fails while dictionary with “Yellow12” works.
So. Are there any workarounds for this? Or options that would allow me to disable that 8 character check of dictionary words when using a rules based attack?
I am noticing a lot of passwords that are short dictionary words with the year appended to the them (or similar style) that are easy to identify with the appropriate rules, but this optimization check is making it difficult for me to identify them with a traditional dictionary + rule attack. I’m surprised how often I still see something like “Spring2018”.
Thank you!
For the password:
Yellow123456
Dictionary with “Yellow” and “Yellow1” fails while dictionary with “Yellow12” works.
So. Are there any workarounds for this? Or options that would allow me to disable that 8 character check of dictionary words when using a rules based attack?
I am noticing a lot of passwords that are short dictionary words with the year appended to the them (or similar style) that are easy to identify with the appropriate rules, but this optimization check is making it difficult for me to identify them with a traditional dictionary + rule attack. I’m surprised how often I still see something like “Spring2018”.
Thank you!