[maccard]

Thanks for trying! This somewhat supports what I'm suggesting - because that password hasn't been leaked by being posted in plaintext as a verified password, it's not available as a lookup, therefore it doesn't matter whether they used bcrypt, sha1 or md5, or even just pgp encrypted it, the password is likely "secure".

[Behemoth66]

It depends. It doesn’t have to strictly be a leaked password. If it’s similar to a leaked password then the permutation rule-set will catch it.

Anything under 9 characters I can brute force in minutes. 9 character passwords would take me 9 hours.

Obviously if someone has a nest of the latest GPUs then they could go a lot faster.

But yes if your password is uwv&6qu_brusb618_$@618jg then it doesn’t really matter how you hash it.

[maccard]

The reason I didn't give any more information on the password above is because you don't have any extra information on a dump of hashes from a twitch database either. If a password is only feasibly brute forceable for a specific algorithm by reducing the search space by many orders of magnitude, it kind of shows that there's not really any risk even if the passwords are unsalted for a person who hasn't reused a password.

[thaumasiotes]

> it kind of shows that there's not really any risk even if the passwords are unsalted for a person who hasn't reused a password.

No, it doesn't. You could reuse uwv&6qu_brusb618_$@618jg everywhere and it wouldn't get cracked. If the plaintext password leaked, then you'd be in more trouble.

What matters is whether your password is easy to guess, not whether you've reused it. If you have all unique passwords, they can still all be trivial to crack.

[ghostway-chess]

Well. Sha1 is not _that_ hard to break. It's a solved algorithm

[astrange]

That's for generating collisions, not preimage resistance. It's not particularly easy to reverse.