Quote:
Originally Posted by Why
the logic used above is flawed, because crackers know what words and strings are used most frequently. so that shortens the list down tremendously. secondly, just because the average is 9 does not mean you can not crack using every combination of 6 or shorter, where 6 is the usual minimum user/pass length at many sites.
not to say strongbox isnt a good solution, but their math is a bit off IMO.
|
We also know what's used frequently and we know that six character passwords aren't good. You've made the assumption that we're stupid and we set her site up stupidly. We are not stupid, so we don't assign "password" as a password.
__________________
For historical display only. This information is not current:
support@bettercgi.com ICQ 7208627
Strongbox - The next generation in site security
Throttlebox - The next generation in bandwidth control
Clonebox - Backup and disaster recovery on steroids
|