Reply To: 12 Nov 16 – 100 Guesses Is Enough To Crack Your Password

Home Forums The Poll Discussion 12 Nov 16 – 100 Guesses Is Enough To Crack Your Password Reply To: 12 Nov 16 – 100 Guesses Is Enough To Crack Your Password

#5002

HotDawg
Participant

Wouldn’t that have to be an extremely short password? If I use the common “password” for a password, I can spell it (using a mix of case) 256 ways. So, on an average, knowing the 8 letters — but not the case — I would still have 128 tries.

Looking at another example — restricting our password (like some banks do) to just letters (both cases) and numbers — we have a pot of 62 characters to choose from. A 2 character password would have 3844 possibilities, or about 1900 tries on on average.

Far back in time I had to come up with password protection for a system where every byte was important. The system would accept any character in a password, or any length, and it was stored as a hashed value in one byte — 256 possibilities. With that I guess it would be possible to hit a matching password in around 100 tries — but hopefully systems today are a little more secure.

My Linux boxes here allow 5 tries to log in, then you have to start over.

What am I missing?