Hacker News new | past | comments | ask | show | jobs | submit login

The "split into 7s" thing is from LM, which goes back to the OS/2 days... and it uses DES, which operates with 56-bit keys: 7 8-bit characters. Old DES-based crypt() has a similar limit: 8 7-bit characters.

NT hashes use MD4, which wasn't invented until 1990.

I believe LM also stored the passwords in uppercase as well. The NTLM password was used, but LM was also saved for compatibility (by default) with older Windows machines.

L0pth Crack utilized this when cracking, it first found the uppercase password, then it only had to brute force the case when cracking NTLM.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact