• ArtVandelay@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    9 months ago

    It’s a good thing not just everybody can afford a raspberry pi zero that would be necessary to crack an MD5 in seconds

    • viking@infosec.pub
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      9 months ago

      That really depends on the password complexity. Sure, you can crack a password of 6-8 characters in below 30 minutes, but anything more complex than that will take days and longer.

      My default password is 22 characters long and includes a unique identifier for each service plus a checksum. Say as an example (similar enough to my actual use case) for Adobe I’ll have “Ae” (first and last letter of the service) and “41” in a specific position (A = 41 in Hex).

      That way even if I repeat the other 18 characters (including symbols, upper and lower case characters) it will take years or even decades on a consumer grade system to crack my password, and the hash is unique for each service/website, so there won’t be any collateral damage either, even if some service I used got breached and my password somehow fully exposed.

      • ReginaPhalange@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        Why do people humble brag about their password strength, but then tell the whole world how to construct rainbow tables designed to crack their passwords?