Fokissed
Posts: 12 +1
That is only assuming a dictionary-based attack is not used.
That is only assuming a dictionary-based attack is not used.
Better than that ... if the site knows anything about security, then the hash is calculated for the password and a random "salt" together. The salt is generated just for that user when the password is first created. The salt and the hash are both stored. So the attacker has to find a password that when hashed with that salt makes that hash. No dictionary is going to hold all passwords with all possible salt values.This hash is different for each system. password1 can be hashed to xyz on techspot, but it will be qwerty on gmail. The hashes I believe are made my applying a 'master hash key' to the ASCII password, which as before, is different for each system.
At that length a dictionary attack would take longer than the eight length password with stupid characters...That is only assuming a dictionary-based attack is not used.
If you broke in the system to steal the hash, you'd steal the salt too.Better than that ... if the site knows anything about security, then the hash is calculated for the password and a random "salt" together. The salt is generated just for that user when the password is first created. The salt and the hash are both stored. So the attacker has to find a password that when hashed with that salt makes that hash. No dictionary is going to hold all passwords with all possible salt values.
That obviously depends on the size of the wordlist. There are 16604 unique words/numbers in the Bible so that's huge, but since those are words, they make up passwords quicker than chracters. You can sort words by frequency:At that length a dictionary attack would take longer than the eight length password with stupid characters...
yah, since I was banned yesterday for trying to promote my crowdfunding campaign for a solution to this problem, I guess you'd only know if you PM me.Why can't they just write it on a post-it and stick it to the monitor like most people?
But none of those words would be used...That obviously depends on the size of the wordlist. There are 16604 unique words/numbers in the Bible so that's huge, but since those are words, they make up passwords quicker than chracters. You can sort words by frequency:
the 63924
and 51696
of 34734
to 13561
that 12913
in 12667
he 10420
shall 9838
unto 8997
for 8971
Are you sure? It was talking about passphrases/sentences, and many pages ago where people referred to an xkcd comic strip. correct and horse are both in the bible, interstingly, no battery nor staple were in the bible since it's before its time.But none of those words would be used...
None of those words would be used as you did not list any of those words in your frequency table.Are you sure? It was talking about passphrases/sentences, and many pages ago where people referred to an xkcd comic strip. correct and horse are both in the bible, interstingly, no battery nor staple were in the bible since it's before its time.
Either way, frequency is some times take into consideration for dictionary attacks.
Some "experts" told me my campaign doesn't solve the biggest problem...etc... and I said, Rome wasn't built in a day. Anything is better than the current situation...None of those words would be used as you did not list any of those words in your frequency table.
Four words using only the words in the bible equates to 76,006,528,794,009,856 possible combinations. While an eight character password with numbers, upper and lower case letters, and let's say a choice of thirty special characters (the amount on a US keyboard) comes up with 6,095,689,385,410,816 possible combinations. That is a figure that is twelve times easier to crack if you use a password that is bloody hard to remember. Not to mention the former example sky-rockets when you add a possibility for the first letter of one or all of the words to be upper-case (1,216,104,460,704,157,696 -- 200 times harder to crack), as well as taking into account modern words which will widen the possible combinations exponentially -- literally!
Soooo: at the end of that I think those 'experts' can stick it up their nose with the rubber hose...
As I understand it a team in Cambridge, UK are working on a system that will be able to build Rome in a day, while using less energy than an ordinary quasar.Some "experts" told me my campaign doesn't solve the biggest problem...etc... and I said, Rome wasn't built in a day. Anything is better than the current situation...
haha... you won't believe it was the same team who told me that... on the other hand, some security architect who works in the real world pledged for my campaign.As I understand it a team in Cambridge, UK are working on a system that will be able to build Rome in a day, while using less energy than an ordinary quasar.
But can it run Crysis?
(I know, I know...)
Probably because boredom & fatigue set in after you've typed something as complex as, "1, 2, 3, 4, 5, 6", and nobody would be able to log on without taking a 10 minute coffee break.and I have no idea why microsoft is now limiting password characters to a maximum of 16.
All just joking aside, likely because the bit width access and memory bandwidth of a modern single GPU far exceed that of the typical CPU. (at present 64 bits, versus single GPUs @256 bits). I'm thinking you could convince a GPU cluster to, "wild guess much faster".I have no idea why gpu is used to crack passwords rather than the cpu.
Are you saying a "Fire Pro" video card won't play "Crysis"? 'Cause that would really burn my buns. Have you seen the prices they charge for those things?I believe there are FirePro cards
You can do the math yourself. Since they are brute-forcing the password, adding a single character (chosen from a pool of N different characters) can only increase the cracking time by factor N at worst, N / 2 on average. N is most likely less than 100 (lowercase letters, uppercase letters, numbers and about 20-30 special characters available on keyboard).
Rocket, do the British really use the term "math" in the plural in this context.? As an uppity colonist, I'd substitute the term, "calculations".So if we 'do the math' or maths for those in England,....[ ].......
Article states 5.5hrs. Something in error of my maths?
As Brian Cox says 'It's always important to show your workings'...