On Tue 29 Aug 2017 at 22:29:41 +0300, Reco wrote: > Hi. > > On Tue, Aug 29, 2017 at 08:14:59PM +0100, Brian wrote: > > On Sun 27 Aug 2017 at 21:12:12 +0200, Thomas Schmitt wrote: > > > > > Brian wrote: > > > > I do not have to run faster than the bear, just faster than anyone else. > > > > (Analogies never work. Remind me not to use them again). > > > > > According to the article about the successful cracking, it is not so much > > > about how fast you are. The bear will not stop when it is done with eating > > > those behind you. > > > > Note that the article details the point at which the investigators gave > > up on going after what they saw as random passwords. They would never > > have got to > > > > my!only"reason£for$living%is^ebay > > > > no matter how low or high its entropy is. > > Sadly it only means that these investigators were to lazy to implement > Markov chains to generate a suitable dictionary. See this for the > example: > > https://hashcat.net/events/p14-trondheim/prince-attack.pdf
You are blinding us with technological terms. How does this help with attacking the password for a login with online techniques? > > We are mesmorised by the skills of offline crackers. They dazzle us and > > blind us to realities. Where is someone saying that > > > > eq8GeKBhVXOTjF0dAyd0 > > > > is a splendid password? It wouldn't have a chance of being forced via an > > online attack. > > Since it appeared in a public maillist - it is a bad password by > definition. It will not be used again. How easy is it to force +H3GHd8kXs8HfmRDzZ7y online by probing it over the net? -- Brian.
