“When I was a student… I made a test how the security was at
school… I had no problem to crack over 100 users password
using… the schools phonebook (including birthday’s). I don’t
remember how many that had their birthday as password, but it was
really easy to get a large amount of accounts just trying with
that. The firstname was also very common, as well as the surname. I
did all this cracking by hand, no special software was used. I also
made a trojan horse… acting as the login command. It was really
easy to fool users to login in to the system with my trojan. The
latest version logged you in to the network too, if you entered the
login and password correctly – just like the original login
program… As long as the users are using bad passwords it
doesn’t matter how secure the system itself is.”