Are you talking about this?
What about password hacking? Well, there is some. The first time a student asked me how to turn off echoing to a terminal, I suspected that what he wanted was to write a login simulator, but I encouraged the project as one that provided a strong motivation to learn. I thought that the reaction of other students, when the project became public knowledge, would be enough to control password hackers. I was a little too optimistic; it took a good deal of struggle to make the point. The problem is a recurring one, partly because every year brings a new batch of unsocialized freshmen. But a strong deterrent is the fact that students aspire to ``superuser'' status, that is, a privileged account given to system administrators. Superuser candidates must be accepted both by the existing superusers, to ensure their technical competence, and by the entire CCUS membership, to ensure that they are trusted by the community. The students who have the skill and interest to be potential password hackers are also the ones who want to keep the trust of their colleagues.
There's no way filter strings successfully, People will just keep finding clever workarounds until you give up