[Zolmeister0]

Dear All - Your passwords should be considered compromised. Hashing is merely a deterrent, it does not prevent cracking.

[elchief]

6500 bcrypt(5) hashes/second with custom FPGA:

http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=703252...

[Zolmeister0]

I didn't say it would be easy.

But dictionary and password list-based attacks are expected to be quite effective anyways.

http://www.openwall.com/presentations/Passwords13-Energy-Eff...

[alexdowad]

That's exactly what I thought the moment I read the post. The fact that Slack used bcrypt is good, and if they used a high number of iterations that's better, but neither will help you if your password happens to be on the crackers' list of 10,000 most common passwords.