Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The space of passwords consisting of two english-y words, possibly encoded in one of several elitespeak alphabets, seperated by a non-alphabetic character? Still much smaller than the 2^56 you get from fully random isprint() passwords.

Again: we can go back and forth about how likely it is I will crack your excellent passwords, and I hear you, but from 1991 through ~2004, iterative password cracking was the only way it was done, and it was and is freakishly effective.

Salts don't do anything at all to slow down iterative cracking tools. bcrypt kills them completely.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: