Op 23-03-2022 om 11:11 schreef Aki Tuomi:> > Well, is the sha1 value same every time? If it is, then they are trying same password each time. > > AkiYes, understood. :-) The SHA1 changes, but each SHA1 is tried multiple times. The question is: can we find out, just for this specific user, WHAT the attempted passwords are?
> On 23/03/2022 12:18 mj <lists at merit.unu.edu> wrote: > > > Op 23-03-2022 om 11:11 schreef Aki Tuomi: > > > > Well, is the sha1 value same every time? If it is, then they are trying same password each time. > > > > Aki > > Yes, understood. :-) > > The SHA1 changes, but each SHA1 is tried multiple times. > > The question is: can we find out, just for this specific user, WHAT the > attempted passwords are?1. Try hashing possible password candidates and compare 2. Temporarily log everyone's passwords and then sanitize logs after you're done. No way to enable that option for a single user. Aki