Your version of impractical is different than mine. Or that of the NSA. Generating rainbow tables that contain hashes for all possible passwords of say, 24 characters, may be computationally intractable today (and may not be, depending on your resources), but a 95% success rate does not require tables that contain all hashes.
From: [email protected] [mailto:[email protected]] On Behalf Of Klaus Hartnegg Sent: Saturday, August 9, 2014 2:09 AM To: [email protected] Cc: [email protected] Subject: Re: [NTSysADM] Re: Something to share with your users, so they can see how passwords matter Am 09.08.2014 um 05:23 schrieb "Michael B. Smith" <[email protected]<mailto:[email protected]>>: you should spend some time learning how Rainbow Tables operate. Rainbow tables don't work at all if the password has sufficient length. They are magic for 8 characters, but impractical for 10 or more.
