Default password length insufficient
Brought to you by:
tytso
Menu
▾
▴
#9 Default password length insufficient
open
nobody
None
5
2012-01-27
2012-01-27
Anonymous
No
When invoking pwgen at CLI, you get a list of many 8-char passwords from the alphanumeric [a-zA-Z0-9] character set.
A "low cost consumer PC" can typically handle about up to one billion = 10e9 passwords per second, making it a class F attack which can breakt the entire 8 char [a-zA-Z0-9] keyspace in less than 72 hours.
I suggest to raise the 8char limit to at least 12 chars from the [a-zA-Z0-9] keyspace. An attacker would need about one hundred thousand years to go through the eintire 12 char [a-zA-Z0-9] keyspace with a 2012 standard PC.
Most people will believe the 8 char password is sufficient for their task, depending on your default. Please raise the default length to at least 11, better 12 or 13 chars.
Discussion
You can buy best Football Boots in our website with cheap price. Nike Football Boots, Adidas Football Boots, Football Jerseys, Football Equipment sale online with cheap price and you can buy cheapest Football Boots with free shipping <a href="http://www.footballshop2012.com/">Football Boots</a>
Behind every successful man there's a lot u unsuccessful years.
<a href="http://michaelkorswatchs.bcz.com/" title="Michael Kors Outlet">Michael Kors Outlet</a>
Few things are impossible in themselves; and it is often for want of will, rather than of means, that man fails to succeed.
<a href="http://www.soccercleatsfans.com/nike-soccer-cleats-nike-t90-fg-shoes-c-450_465.html" title="NIKE T90 FG Shoes">NIKE T90 FG Shoes</a>