On Wed, Sep 14, 2011 at 8:33 AM, Chris Cinelli < [email protected]> wrote:
> > > According to: http://research.microsoft.com/pubs/74164/www2007.pdf *~20% > of Fidelity, ~20% of NY Times, ~15% of Paypal* have a password with bit > strength of 30 or less. According to that study, this mean that If I know > the hash and salt, you need to try just 2^30 total combinations to find the > password of 45% of Paypal users. Using a ATI HD 5970 (that you can find at > $499 at Buy.com and http://www.golubev.com/hashgpu.htm you can try > 2,300,000 SHA1 hashes a second. > > > No you can't - you'd need 45% of PayPal User's usernames... And the db table of passwords to check against...neither of which is trivial to get. if it was this easy, everyone would have 45% of paypal user's passwords.... -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/cake-php
