At 09:03 PM 3/31/02 +0530, you wrote:
Random strings are harder to get, but still possible with a brute force approach (a cracker that tries every combination of n letters, digits and special characters that exist). This however takes very long and is not feasible for most.
"not feasible for most" is a gross understatement.
The MD5 hash is 128 bits long. This means that there are 340,282,366,920,938,463,463,374,607,431,768,211,456 values. This means that even if you could try a TRILLION combinations a second it would take you 10,790,283,070,806,014,188 years to break!
A brute force attack against MD5 won't work.
However a dictionary attack is much more likely to work against this algorithm. That is not due to any weakness of the algo but due to human tendency of picking works like "god" , "password" etc as passwords. -- vinayak hegde
On Mon, 1 Apr 2002, vinayak hegde wrote:
this algorithm. That is not due to any weakness of the algo but due to human tendency of picking works like "god" , "password" etc as passwords.
which is why we have cracklib
-
Philip S Tellis -
vinayak hegde