aka "size doesn't matter" after all

[arstechnica.com]

As always, keep 'em random, that is, not a word or phrase findable elsewhere.

Why bother, just use 'password' as your password.

"ocl-Hashcat-plus targets a much wider number of popular cryptographic products and applications, including TrueCrypt 5.0 and beyond, 1Password, Lastpass, the SHA256 algorithm in the Unix operating system, and hashing operations found in the latest version of Apple's OS X operating system."

>>>

"The new version of Hashcat came two days after developers for Russia-based ElcomSoft updated the company's Phone Password Breaker software. The fee-based forensic tool now supports the selective recovery of certain types of data stored in Apple's iCloud service. The new version allows users to retrieve contacts, call logs, pictures, or other specific types of backed up data without having possession of the original iPhone, as long as the attacker has the user's Apple ID and password."

---

Saint Cloud, Minnesota, where the weather is wonderful even when it isn't.

Of course, the attacker would have to have access to the non-salted hash of your password, and your password has to be in it's hypothetical dictionary.

So actually, the only thing new here is that now cracking can be a little faster by using GPUs, enabling craking of longer passwords in a reasonable amount of time.

I'm changing my password to the entirety of "Mein Kampf" in the original Klingon. The CPU will slag before it cracks that. But it will take me a couple of years to login.

---

----


Edited 999 time(s). Last edit at 12:08PM by jdc.

Quote
Acer
I'm changing my password to the entirety of "Mein Kampf" in the original Klingon. The CPU will slag before it cracks that. But it will take me a couple of years to login.

Does Godwin's law apply to password cracking?



Edited 1 time(s). Last edit at 08/27/2013 10:40AM by MGS_forgot_password.

so how do I get one of these hash files with encrypted passwords, or how Microsoft Active Directory file?

From a recent issue of Wired Magazine:

Kill the Password: Why a String of Characters Can’t Protect Us Anymore
[www.wired.com]

---

It is what it is.

Good read. Even though I read it earlier it was worth another read.

Quote
N-OS X-tasy!
From a recent issue of Wired Magazine:

Kill the Password: Why a String of Characters Can’t Protect Us Anymore
[www.wired.com]

---

Saint Cloud, Minnesota, where the weather is wonderful even when it isn't.