I haven't heard of rainbow table attacks being used much at all anymore. It's completely practical to individually brute force every person's password using their specific salt in parallel. Let's say they cranked up bcrypt to take 10ms to run (so their system can log in 100 people per second). That means it takes me 10 seconds to try all 10,000 weakest passwords against an individual hash. If I can do, say, 1000 hashes in parallel, then I can try the top 10,000 passwords against 100 users' hashes a second. If their DB is 100,000,000 passwords then that's only 11 days to try the top 10,000 passwords on everyone, which is super reasonable and will get you tons of low-hanging fruit. In practice you can probably try a password faster than this, and massively more parallel. So that's just gravy. Also keep in mind I don't need to try all 10,000 on everyone -- if you have the most common password I can stop right away. Further, if you identify a user whose password you really want to crack, you can redirect all those resources at just that user with the full might of John the Ripper or Hashcat and try 1,000,000,000,000 common passwords and mutations against that user in the same amount of time (using my pessimistic numbers for how fast you can run). For reference, password cracking rigs are usually talked about in terms of gigahashes/second (billions of hashes per second).