Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much
 
PerlMonks  

Re^4: Replacing crypt() for password login via a digest - looking for stronger alternative

by hippo (Bishop)
on Jun 19, 2021 at 18:06 UTC ( #11134032=note: print w/replies, xml ) Need Help??


in reply to Re^3: Replacing crypt() for password login via a digest - looking for stronger alternative
in thread Replacing crypt() for password login via a digest - looking for stronger alternative

But passwords are typically rather short so not too difficult to crack by brute force.

What you are describing here are not passwords in general but poor passwords. Good passwords are typically rather long so too difficult to crack by brute force.

Assuming the password is made up only of upper case, lower case letters and numbers then there are only (!) 218,340,105,584,896 permutations. That is 628.

Again, good passwords do not just consist of letters and digits. Even if they did it seems you are assuming just Roman letters and Arabic digits. There are plenty of other character sets from which to choose.

If you don't want to get pwned, don't use poor passwords. If you don't want your users to get pwned don't let them use poor passwords.


🦛

  • Comment on Re^4: Replacing crypt() for password login via a digest - looking for stronger alternative

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://11134032]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (1)
As of 2021-10-22 00:07 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    My first memorable Perl project was:







    Results (85 votes). Check out past polls.

    Notices?