[Cryptography] Passwords (Smallest feasible work factor today?)

Phillip Hallam-Baker phill at hallambaker.com
Wed Sep 7 17:07:34 EDT 2022


On Wed, Sep 7, 2022 at 4:30 PM Kent Borg <kentborg at borg.org> wrote:

> On 9/7/22 08:20, Phillip Hallam-Baker wrote:
> > Folk, what are people's thoughts on the smallest work factor that can
> > be considered acceptable today? I am thinking 2^80.
>
> Are you talking about access passwords or encryption passphrases?
>
> Because aren't the two completely different? (Tests of a password can be
> rate limited, tests of an encryption key cannot.)
>

If rate limits are an acceptable control, there would have never been the
need to introduce the stupid special characters in the first place. If
Mallet is limited to 5 tries in an hour, Alice could use a simple password
with little risk.

Breaking Password1 is really no more difficult than cracking password.

I always capitalize the first letter and add a 1 to the end and I am pretty
certain >90% of users do the same. The only people doing different are
people who are required to use a special character (Password1!) and the
poor sods required to change their password every n days (Password2,
Password3, ...)