[saym]

> Furthermore, nothing can protect you if your password is password.

I'm not sure why you threw this line in with the rest of your response. I don't see what point you're making.

[vikstrous4]

What I meant by that is that a brute force offline attack will always succeed if your password is easily guessable regardless of what hashing or password verification protocols are used.