|
|
|
|
|
|
by stepstep
4191 days ago
|
|
|
2^16 rounds of SHA-256 might not be "ultra slow" but it's certainly not as bad as you make it seem. If you read the analysis in the article, it would take many years to crack a random password with this hash function. It's unfair to say I "ignored" that requirement. |
|
|
You are wrong. Your analysis is based on the premise that an attacker might be able to compute "a billion hashes per second".
As I just showed you in my previous comment anyone with $3000 USD can actually compute at least 6000 billion hashes per second.
This means it takes about 11 days to crack a random 8-character alphanumeric password. Not 200 years as you claim.