Hacker News new | ask | show | jobs
by tetha 876 days ago
Yeah, I fell into my usual security questionaire wording there.

I'm not even contradicting you there. You can go as fast as you can go. Even if every atom in the current estimation of the universe had a couple thousand computations available, we couldn't brute-force some passwords. Except, now customer security asks you "but what about millions of computations per atom? Checkmate!".

Being too concrete and absolute with these kinds of people ends up with so many stupid discussions.
1 comments
stavros 876 days ago
> You can go as fast as you can go.

This is true, it's just that, with modern KDFs, that's still too slow to matter (unless someone broke them and we don't know). If you use a modern KDF, you basically don't have to worry about brute forcing at all, even for fairly weak passwords.

link
tetha 876 days ago
I know that. You're missing the second part there.

I have been asked by customers about the reliability of our software platform if major german cities have been hit with either nuclear, natural or military disaster. It's that level of silly you sometimes have to deal with.

Eventually I got fed up enough and told those kinda people that I'm volunteering in disaster prevention services and their systems wouldn't be my problem at that point.

link
stavros 876 days ago
Huh, I didn't know people wanted that level of disaster planning.
link