在哪里可以找到用于密码验证的字典? [英] Where do I find a dictionary for password validation?
问题描述
我正在开发一个密码验证算法,需要检查潜在的密码对字典。如果密码或其任何部分可以在字典中找到,请拒绝。这个功能很容易,但我在哪里可以得到单词列表?有没有一个Web服务已经在那里查找单词?我已经戳了一些,但没有发现任何尖叫挑我!谢谢
I am working on a password validation algorithm that needs to check potential passwords against the dictionary. If the password or any part of it can be found in the dictionary, reject it. The function is easy enough, but where do I get the word list? Is there a web service already out there for looking up words? I have poked around some, but not found anything that screams "Pick Me!" Thanks.
编辑:当我问到这个问题,我还没有想过具体的密码字典一样@Joe斯科拉将包括本可避免的话。所以,我会扩展这个问题,包括这种类型的字典,以及任何其他我可能没有考虑到写这个函数。
When I asked this question, I hadn't thought about specific password dictionaries like @Joe Skora that would include words that could be avoided. So, I'll extend the question to include that type of dictionary, and anything else I might not be thinking about with writing this function.
平台是C#/ ASP.Net / SQL Server。这只是需要实现的强密码算法的一个组成部分。再次感谢。
Platform is C#/ASP.Net/SQL Server. This is only one component of the algorithm for strong passwords that will need to be implemented. Thanks Again.
推荐答案
的 Google搜索免费词典给你很多免费的字典。如果你将其上传至数据库,你可以做一个已知的字快速查找。
Googling on free dictionaries gives you a lot of freely available dictionaries. If you upload them to a database, you can do a fast lookup for a known word.
然而不认为这会消除非蛮力攻击!
您应该查看密码破解应用程序!字典攻击的最简单的扩展是结合单词。此外,还有其他类型的攻击,如替换字符,在键盘上彼此接近。 (例如:将D到f。)
You should have a look at password cracking applications! The simplest extension of the dictionary attack is to combine words. Moreover, there are other types of attacks, like replacing characters, that are close to each other on a keyboard. (For example: turn d to f.)
到目前为止,我见过的最好的密码破解应用程序的 John the Ripper 。如果你看到,它使用什么样的攻击,可以建立一个更好的密码生成器。
The best password cracking application I've seen so far is John the Ripper. If you see, what kind of attacks it uses, you can build a better password generator.
您也应该学习的用户的使用习惯,因为典型密码是错误的密码。例如,大多数用户在他们的密码短语中输入数字,所以强密码是在其中间有一个数字。
You should also study user habits, because a typical password is a bad password. For example, most users put numbers in their passphrase's end, so a strong password is, which has a number in it's middle.
这篇关于在哪里可以找到用于密码验证的字典?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
