
Your Password Is Too Damn Short - cpeterso
http://blog.codinghorror.com/your-password-is-too-damn-short/
======
nerdy
Doesn't the length of a salt modify the effective length of the password? If
the salt is 16 chars and the password is only 4 but a strong hashing algorithm
is used wouldn't it still effectively be 20 characters?

If that's the case (employed properly), doesn't it largely invalidate much of
the article, at least the offline fast attack scenario?

 _p.s._ I am not advocating 4-character passwords, it was only an example!

~~~
bigiain
Nope - you can see the salt in the stored hash. If you know what the 16 chars
of salt are so you only have to search the 4 character search space to
enumerate all possible 4 char passwords.

(it makes the number of rainbow tables you would have considered pre-
calculating ~10 years ago a much more difficult task, but that's not how
passwords are attacked any more)

~~~
nerdy
So the "fast attack" uses the GPUs to compute on-demand, not using precomputed
values?

~~~
bigiain
Yep - plus a specialised password dictionary and bunch of heuristics to
permute or mutate that dictionary.

OCLHashcat can top a billion hashes a second for poorly chosen password hash
algorithms - attackers just keep lists of every password exposure they coma
across (starting with the 32 million passwords RockYou exposed to the world) -
then combine that and a regular "common word/name/petname" dictionary, and try
adding leading or trailing numbers, swapping numbers for letters l337-5p3ak
style. One PC with some fairly recent video cards in it could blast through
every dictionary word, a few thousand common names - and mutate all of those
with common capitalisation and punctuation (you _did_ capitalise the first
letter and add a fullstop or exclamation point at the end when the site forced
you to use upper/lower and "special characters" right?), then they can add
every combo of up to 4 training digits, anything that looks like a date, and
they'll probably try using the domain name or bits of it if they know where
the list came from (is your email password fluffycat-gmail or
GoKitehawks2015-hotmail ?). If you're unlucky enough to be in a password list
disclosure from a site still using MD5 (salted or not) that's literally a few
_seconds_ work. Salted SHA might up that to minutes per password. Unless the
site used bcrypt/scrypt/pbkdf2, if your password was in any way "predictable",
someone with a box with 4 modern video cards (or stolen AWS credentials) will
have found all the "low hanging fruit" passwords in hours or days.

