Sunday, September 09, 2007

So much for strong passwords...

Perhaps you think Fgpyyih804423 is a strong password. As discussed here, it took OphCrack 160 seconds to break it. That's scary!

2 comments:

Jim Dodd said...

There was more discussion about this here:
http://www.matasano.com/log/958/enough-with-the-rainbow-tables-what-you-need-to-know-about-secure-password-schemes/
where they (Thomas Ptacek in particular) point out that there are many ways to defeat Rainbow Table attacks. At least on the programming side - not in choosing a password.

It's amazing to read the comments there and on Jeff Atwood's original post and see people throwing around terms I have no idea about! Just when I begin thinking I know something about the practice of programming, I get brought up short by a subject like this.

By the way, thank you so much for your book "Practical Algorithms for Programmers". You opened my eyes to a LOT of areas where I was deficient.

Regards,
Jim Dodd
Onset Computer Corp.

Andrew Binstock said...

You and me both. This is a programming technique I was not familiar with until I read the original post.

Thanks for your kind comment about the algorithms book. I appreciate it.