Hacker Newsnew | comments | show | ask | jobs | submitlogin

That is only useful if you also specify yhe conditions under which the "cracking" takes place. Do you mean on-line password guessing? Or do you mean brute-forcing a hashed password leaked from a database?

In case 1 a lock-out policy would quite easily negate your attack. In case two the hashing algorithm used is often more important than the length and complexity of the password (up to a point of course, but that point is nowadays well beyond what's pactical for a user)




Applications are open for YC Summer 2015

Guidelines | FAQ | Support | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact

Search: