Hacker News new | ask | show | jobs
by neuroid 3294 days ago
I don't know anybody that would do a sequential scan over a file in production

Well, that's pretty much how one would try to crack a password using a wordlist.

EDIT: If the goal is to crack a bunch of properly hashed (PBKDF2, scrypt, etc.) and salted passwords then a lookup table is not very practical.
2 comments
jacquesm 3294 days ago
If you're trying to crack 'a password' you're doing it wrong. Alternatively, you're doing something illegal.

That's not why these lists are made public (though I can appreciate the fact that they are 'dual use').

link
edoceo 3294 days ago
PP is talking about a lookup, you are talking about cracking. Different things. For lookup of a string match make an index.
link