Beefy Boxes and Bandwidth Generously Provided by pair Networks
Just another Perl shrine
 
PerlMonks  

comment on

( [id://3333]=superdoc: print w/replies, xml ) Need Help??

I believe the difference (using average hardware) between brute-forcing (which involves hashing each candidate password) and rainbow-ing (which involves just a dictionary lookup) is a lot in terms of time. But I don't have the numbers nor the time to benchmark right now. Time is important in that a db breach will sooner or later be noticed (well...), so it's a race against the user getting notified by db admin and changing their password. Also note that salts can be mixed within the password. Or placed either at the beginning or the end or both. These methods require the hacker to also have access to the in-house algorithm for salting the password, i.e. where and how to intermix. Which depends on many factors.


In reply to Re^4: Replacing crypt() for password login via a digest - looking for stronger alternative by bliako
in thread Replacing crypt() for password login via a digest - looking for stronger alternative by davebaker

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":



  • Are you posting in the right place? Check out Where do I post X? to know for sure.
  • Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
    <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
  • Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
  • Want more info? How to link or How to display code and escape characters are good places to start.
Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others romping around the Monastery: (6)
As of 2024-03-29 01:17 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found