[18246] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

online MD5 crack database

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Mon Aug 22 09:13:53 2005

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
To: cryptography@metzdowd.com
From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 22 Aug 2005 08:59:11 -0400

This website has a large database of MD5 hashes of common passwords:

http://gdataonline.com/

Presumably, as storage continues to get cheaper, this sort of thing
will only become easier.

Ways to ameliorate it? Consistently using long (64 bits or more) salts
with hashed passwords makes storing such databases much harder, and
encouraging the use of far longer passphrases with much more entropy
reduces the problem further. Longer hashes are also a good idea.

None of this is new -- I'm just noting that the trend continues apace.

Perry
PS I found the link off of a /. story earlier today

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[18246] in cryptography@c2.net mail archive

online MD5 crack database

daemon@ATHENA.MIT.EDU (Perry E. Metzger)Mon Aug 22 09:13:53 2005

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Mon Aug 22 09:13:53 2005