moistD: Can someone explain the Rainbow Tables a little better? That math went right over my head.
Pinko_Commie: moistD: Can someone explain the Rainbow Tables a little better? That math went right over my head.Knowing a password algorithm, you pre-generate a table of password hashes for all the possible passwords, then instead of having to crack each password individually, you just compare to your rainbow table, you get a match there, you then know what the password is.
ModernLuddite: A friend of mine had the brilliant idea of using non-English words. Since it seems that the brute force methods use lists of words from Websters, then maybe some form of "La voiture rouge est en feu" would work rather well.//Not my password.///Srsly.
Wellon Dowd: According to howsecureismypassword.net, the password howsecureismypassword would take four trillion years to crack.
Wellon Dowd: But the Fark Social Security number filter is still safe, right? Let's see.XXX-XXX-XXXXThank goodness.
Kurmudgeon: Your password is only as good as your ability to remember it.
jgi: How Secure Is My Password?
moistD: I thought those were just the hash tables. The Rainbow Tables were some crazy way of compacting all of that data so they can store more data in less space and that flowchart lost me.
ranak: [imgs.xkcd.com image 740x601]
Grither: Hey!!! Damnit, can a mod please delet?!?@! WTF YOU JERK!
manimal2878: Maybe I'm missing some critical detail, since I'm not really too knowledgeable of the tech side of computers, but wouldn't having the account locked out after a few wrong attempts prevent most of this?
THE GREAT NAME: NAME's shed door wire is live at 50,000 volts and no warning sign.Heh.
Galloping Galoshes: THE GREAT NAME: NAME's shed door wire is live at 50,000 volts and no warning sign.Heh.Amateur. Galoshes shed sits in the center of a high voltage switching station, and you have to wade out to it.
Pocket Ninja: What kind of idiot uses only a piece of wire? You augment the wire with a brick to hold shut the bottom corner, everybody knows that.
Vegan Meat Popsicle: manimal2878: Maybe I'm missing some critical detail, since I'm not really too knowledgeable of the tech side of computers, but wouldn't having the account locked out after a few wrong attempts prevent most of this?Only in cases where they're actively attempting to enter guesses. In these cases they're talking more about a situation where someone has stolen a database full of encrypted passwords. In that case, you can just start encrypting strings of text and seeing if the hash it produces matches a hash in the stolen data. So if I encrypt 'password1' and it become 'DKDV#V!NVKP}', and I see that manimal2878's hashed password is "'DKDV#V!NVKP}'" I know his plaintext password is "password1" and I can just go enter it in one try.
Gonz: manimal2878: Maybe I'm missing some critical detail, since I'm not really too knowledgeable of the tech side of computers, but wouldn't having the account locked out after a few wrong attempts prevent most of this?No, that's stupid.I mean, it sure would prevent password cracking. Now, imagine for a minute that I'm a bored asshole from 4chan or similar. I feel like being a jerk today, so I come to Fark, and start trying to log in as every user name I can find, using only the password "a". Within minutes, I've done two things. First, I've found anyone on Fark who uses just the letter "a" as a password. Secondly, I've broken Fark.There are steps you can take to prevent that, and they add complexity. I really like Google's current two-factor authorization. If I want to log in to GMail on a new computer, I put in my password, Google sends me a 6-digit code via text message, I put that in, and THEN I'm verified. It's not perfect, but it's pretty good.
Links are submitted by members of the Fark community.
When community members submit a link, they also write a custom headline for the story.
Other Farkers comment on the links. This is the number of comments. Click here to read them.
You need to create an account to submit links or post comments.
Click here to submit a link.
Also on Fark
Submit a Link »
Copyright © 1999 - 2017 Fark, Inc | Last updated: Aug 19 2017 22:35:43
Runtime: 0.481 sec (481 ms)