Re: Passwords
I'll have to take a pass on both of those. I've not heard of a popular hash algo being reversed in a very long time, and although MitM is a serious problem, I would consider it a problem separate from password cracking.
Depends on your dictionary. Some studies have shown a reasonable rate of success at guessing the average user's password simply by attempting all strings from all files on their hard drive. Though I confess I can't find a link to the study at the moment.
A 6-letter password chosen from the first letters of a phrase has a larger search space than Horse! by at least 3 orders of magnitude. Choose a longer phrase to get the standard 8-letter password and it's stronger by 6 orders of magnitude. L33t does increase the search space, but not in an algorithmically significant way. An extra, random character tacked on the end would be much more significant.
Admittedly I didn't use frequency tables, which would shrink both passwords' search spaces considerably, or anything else fancy.