[Discuss] deadmanish login?
Dan Ritter
dsr at randomstring.org
Fri Feb 3 12:43:38 EST 2017
On Fri, Feb 03, 2017 at 12:40:04PM -0500, Richard Pieri wrote:
> On 2/3/2017 8:47 AM, Kent Borg wrote:
> > I'll change it to 12-honey-denver-doctor then!
> >
> > No one will even guess that.
>
> A dedicated Hashcat rig can "guess" it within 5 minutes.
Assuming either:
a) it has a zero-latency, no penalty for wrong-guesses method of
trying passwords
or
b) it has the hash of the passphrase in front of it and is generating
matches.
Situation a is unlikely.
Situation b is sadly all too common.
-dsr-
More information about the Discuss
mailing list