Oracle Password Hashing Algorithm Weaknesses and Vulnerability

October 27, 2005

[From The SANS(TM) Institute ]

Joshua Wright, a researcher at SANS released details tonight of the Oracle password hashing algorithm at the SANS Network Security conference in Los Angeles. As part of his presentation, Wright demonstrated an attack tool he wrote that makes it possible to recover the plaintext password from even very strong, well written passwords within minutes.

The article continues at http://www.sans.org/press/oracle_pass.php