09-05-2008, 10:12 AM   #12
Jakor

Go ahead, throw the rules at me for this one....

As you found out, making a word list as big as you first described in order to brute-force would have been worse than brute-forcing no words. However, I have a few things I would suggest, and I have a project that I am going to use some of this on.

Let's keep in mind that we are "hopefully" not going to run through the whole list and will end up with the correct password at some point. First, order the words from small to big; smaller words are more likely to make up the password than giant words. We can then also pass a minimum/maximum password length to our engine so we know when to stop in our list. Add all the extra crap on the fly after searching for the basic words; they don't need to be in the wordlist. Offer adding the extra crap for smaller words that don't meet the minimum size requirements. Offer combining words on the fly so long as you don't go over the maximum size. Offer filling in with extra even on the combined words. If you do this all on the fly, you can set the order you check things in easier and try to get a match sooner than going through the entire wordlist. Make sure the list is either only lowercase or only uppercase (make two copies of the wordlist if you want). If you need all the different possibilities of capitalization, do it on the fly.

Always assume that the password is going to be the simplest first (lowercase/one word). The fact that you get to use a wordlist in the beginning means that there is a lack of security in choosing the password.
__________________
Yes, I still still listen to trance!
Learn Assembly and Game Hacking
Jakor's Game Hacking School: http://www.bwhacks.com/forums/progra...ng-school.html
contact me:
website: www.cybercitadel.net
email: Jakor@CyberCitadel.net
xfire: Jakorf
msn: Jakorf@hotmail.com
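Seen from the defending side, the strategy in the post above doubles as a password-policy check: a password that decomposes into lowercase wordlist entries plus case changes and trailing extras is one the described engine reaches early. The sketch below is an added example, not part of the original post; the wordlist is constructed, the function names are hypothetical, and treating "extras" as a trailing run of digits and symbols is an assumption.

```python
import string

# Constructed sample wordlist, lowercase only, as the post recommends.
WORDS = {"trance", "dragon", "pass", "word", "love", "monkey", "sun", "shine"}
# Assumption: "extras" means a trailing run of digits and symbols.
EXTRAS = string.digits + string.punctuation

def split_extras(password):
    """Separate the core of the password from its trailing digits/symbols."""
    core = password.rstrip(EXTRAS)
    return core, password[len(core):]

def word_shape(core, words):
    """Return 'one word', 'two words' or None for a lowercase core."""
    if core in words:
        return "one word"
    # Combined words: every split point, both halves must be in the list.
    for i in range(1, len(core)):
        if core[:i] in words and core[i:] in words:
            return "two words"
    return None

def audit(password, words=WORDS, min_len=6, max_len=16):
    """Describe how a password is built from the wordlist, or return None.

    min_len/max_len model the length window the post passes to the engine;
    a short word padded with extras up to min_len is still inside it.
    """
    if not (min_len <= len(password) <= max_len):
        return None
    core, extra = split_extras(password)
    shape = word_shape(core.lower(), words)
    if shape is None:
        return None
    parts = [shape]
    if core != core.lower():
        parts.append("case variant")   # capitalization done on the fly
    if extra:
        parts.append("extras")         # suffix added on the fly
    return " + ".join(parts)

if __name__ == "__main__":
    for pw in ["trance", "pass12", "sunshine", "Dragon2008!", "k7#Qz!mV2x"]:
        print(f"{pw!r}: {audit(pw) or 'not derivable from this wordlist'}")
```

A policy hook would reject any password for which `audit` returns a description, using a much larger wordlist than the sample here.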