Awesome - and cost effective! -- Espi
On Sat, Aug 9, 2014 at 6:57 PM, William Robbins <[email protected]> wrote: > Sorry Ben for stepping on your turf...but I felt this apposite in this > discussion. Oh, and IMHO, bringing up anything from Steve Gibson in a > security discussion is on par w/Godwin's Law. > > http://xkcd.com/538/ > > > - WJR > 🙈🙉🙊 > > > > > On Sat, Aug 9, 2014 at 4:41 PM, Michael B. Smith <[email protected]> > wrote: > >> Your version of impractical is different than mine. Or that of the NSA. >> >> >> >> Generating rainbow tables that contain hashes for all possible passwords >> of say, 24 characters, may be computationally intractable today (and may >> not be, depending on your resources), but a 95% success rate does not >> require tables that contain all hashes. >> >> >> >> *From:* [email protected] [mailto: >> [email protected]] *On Behalf Of *Klaus Hartnegg >> *Sent:* Saturday, August 9, 2014 2:09 AM >> *To:* [email protected] >> *Cc:* [email protected] >> >> *Subject:* Re: [NTSysADM] Re: Something to share with your users, so >> they can see how passwords matter >> >> >> >> Am 09.08.2014 um 05:23 schrieb "Michael B. Smith" <[email protected] >> >: >> >> you should spend some time learning how Rainbow Tables operate. >> >> Rainbow tables don't work at all if the password has sufficient length. >> >> They are magic for 8 characters, but impractical for 10 or more. >> >> >> >> >> > >
