From: "Diederik Smets" <Diederik.Smets@emd.be>
Date: Thu, 29 Oct 1998 00:57:31 +0800
To: cypherpunks@toad.com
Subject: Re: lotus notes id file
Message-ID: <412566AB.00566188.00@mailhost.emd.be>
MIME-Version: 1.0
Content-Type: text/plain



IF the owner of the id also entered an internet password AND it is the same
as the one for the id file, then you can use brute force (dictionairies) to
try and crack it. Get the encrypted value in the
properties>fields>HTTPPassword of the persons document in the PNAB and
compare it to the results of the @password() function.

Alternatively, do a search for old id files which might still be accessible
with the 'default' password (if you know which one that is), but you won't
be able to access servers that have the 'check password' option enabled.

If you need to access a local DB that has 'enforce a consistant ACL across
all replicas' enabled, just use another id and add that person's name with
the necessary roles to the ACL via LotusScript.

Diederik


Hello
     I'm using lotus notes and I have a big problem. I have a id file with
no
password. How can I get a password for it or reset it. Is there some type
of
utility or something someone knows of?I have been told that I'm out of luck
unless I have the original.

John...