[Cryptography] Secure password verifiers (Re: Passwords (Smallest feasible work factor today?))
Nico Williams
nico at cryptonector.com
Fri Feb 3 18:37:45 EST 2023
On Wed, Feb 01, 2023 at 10:50:45PM -0500, John Levine wrote:
> It appears that Nico Williams <nico at cryptonector.com> said:
> >With verifiers not subject to offline dictionary attack and a
> >sufficiently low trial rate the acceptable password complexity can be
> >quite low.
>
> Sure. That's why your bank card has a four-digit PIN. Given how long it
> takes for each attempt, that's good enough.
Right. Now if only we could get this to be so for all passwords at all
sites!
Nico
--
More information about the cryptography
mailing list