In addition, modern
Linux distributions (please
enlighten me about other flavors of
Unix) encrypt passwords using
MD5 instead of the weak
algorithm (
DES) used before. If you get the scrambled text, you can still perform a
dictionary attack on it, but most definitely not a
brute force one. The sample Iconoplast listed has a MD5-encrypted password.
Actually, encrypt is not the right word -- MD5 is a hash function.