|TYPES OF TALLY PASSWORDS|
1. Admin UserName & Password
It is stored in the COMPANY.??? file, in encrypted format, and can be recovered, by a technical person having some insight on file structure and reverse engineering skills. Generally many Tally Dealers or Users are capable of recovering this password, either by TDL programming, or by some tedious method, like making a dummy company, and transfering the files from password protected company to dummy company folder.
2. Vault Password
Unlike above Admin UserName & Password, Vault Password is not stored in any of the files. Instead, it is being used to generate 64bit key to encrypt all files, using DES algorithm. DES stands for Data Encryption Standard, and it is widely used for encrypting confidential information worldwide. To our knowledge, Tally may be the only Indian Accounting Software to implement DES Algorithm till date.
Recovery of Vault Password is nearly impossible, but due to human errors, it can be recovered uptill certain extent. Below mentioned are some of the human errors as per our experience.
- Short Length of Password, 95% users do not use more than 6 characters.
- Use of only UpperCASE or only LowerCASE characters, no special characters or numbers are used.
- Use of Common Passwords.
- Use of Common Names of People, Places, Gods etc, it can be easily matched from dictionary.
As per our Knowledge & Suggestion, the Password should be of minimum 10 Characters, including Numbers and Special Characters. The Vault Password can be recovered by using Brute-Force or Dictionary method, then also the above suggestion for password above 10 characters, is difficult to recover, or nearly impossible, as per current CPU speed available.
The current Brute-Force speed for finding a password, for DES encrypted data, is around 40,00,000 pass/sec on a Dual Core 2.8 Intel CPU. If BitSlice technique is used, then it may go around 10,00,00,000 pass/sec. Further, it can be implemented on NVidia CUDA technology, and speed will shoot up manifold.
The above mentioned speed is our assumption, on the basis of solution available for commercial DES protected applications.
|TALLY SHORTCUT KEYS|
|Home | Info & Help | Data Recovery | Dealers | TCP Files | FAQ's | Tally On Linux | Payment Options | Buy Tally | Contact Us|