by yk 4668 days ago
The cracking technique discussed is dictionary plus some common substitutions. So the hashing algorithm is not very important. You would lose some factor of speed, but the 1000 most common passwords times 10 common substitutions, perhaps with 100 postfixes is still only 1 million hashes. And you would crack with these some non-negligible fraction of the passwords in an unsalted database in probably under a minute. (If the passwords are salted in the db, then you need a minute per hash, so assuming that you crack a few percent of the hashes you try, then you expect one password in under two hours even with modern password hashes.)
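Added example, not part of the comment above: a password-policy check that rejects any new password falling inside the "common word + substitutions + postfix" space the comment describes, plus the comment's guess-count arithmetic for unsalted and salted stores. The word list, substitution table, postfix pattern and function names are constructed assumptions for illustration.

```python
import re

# Constructed sample data (assumptions): a tiny stand-in for a
# "most common passwords" list and a table of common substitutions.
COMMON = {"password", "letmein", "dragon", "monkey", "qwerty"}
UNSUB = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                       "0": "o", "$": "s", "5": "s", "7": "t"})
# A "postfix" here is a short trailing run of digits or punctuation.
POSTFIX = re.compile(r"[\d!@#$%^&*._-]{1,6}$")


def in_guess_space(password: str) -> bool:
    """True if the password reduces to a common word after stripping a
    short postfix and/or undoing common character substitutions."""
    pw = password.lower()
    # Strip the postfix before undoing substitutions, so that a trailing
    # "1" is treated as a suffix and not turned into the letter "i".
    stems = {pw, POSTFIX.sub("", pw)}
    candidates = stems | {s.translate(UNSUB) for s in stems}
    return any(c in COMMON for c in candidates)


def guess_space(words: int = 1000, substitutions: int = 10,
                postfixes: int = 100) -> int:
    """Size of the candidate list, using the comment's figures as defaults."""
    return words * substitutions * postfixes


def hashes_needed(candidates: int, accounts: int, salted: bool) -> int:
    """Hash computations needed to test every candidate on every account.
    Unsalted: one hash per candidate is compared against all stored hashes.
    Salted: every candidate has to be re-hashed for each account's salt."""
    return candidates * accounts if salted else candidates


if __name__ == "__main__":
    for pw in ("P@ssw0rd1", "m0nkey2013", "correct horse battery staple"):
        print(pw, "-> reject" if in_guess_space(pw) else "-> accept")
    n = guess_space()
    print("candidates:", n)
    print("unsalted, 50 accounts:", hashes_needed(n, 50, salted=False))
    print("salted, 50 accounts:", hashes_needed(n, 50, salted=True))
```

Running the check at password-set time keeps these choices out of the database entirely, which matters because, as the comment notes, neither salting nor a slow hash protects a password that sits in a one-million-entry guess list.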