[Cryptography] Secure password verifiers (Re: Passwords (Smallest feasible work factor today?))
John Levine
johnl at iecc.com
Wed Feb 1 22:50:45 EST 2023
It appears that Nico Williams <nico at cryptonector.com> said:
>With verifiers not subject to offline dictionary attack and a
>sufficiently low trial rate the acceptable password complexity can be
>quite low.
Sure. That's why your bank card has a four-digit PIN. Given how long it
takes for each attempt, that's good enough.
More information about the cryptography
mailing list