Comments on: Crack an MD5 hash in less than a second http://www.tomdalling.com/blog/security/crack-an-md5-hash-in-less-than-a-second Thoughts of a software developer Sat, 04 Feb 2012 03:08:00 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: Adiga Hacker http://www.tomdalling.com/blog/security/crack-an-md5-hash-in-less-than-a-second/comment-page-1#comment-516 Adiga Hacker Sun, 26 Sep 2010 21:06:00 +0000 http://www.tomdalling.com/?p=146#comment-516 Not cracked in less than a second precomputed passwords are actully a password and its md5 hash stored in a database then a matching will be checked for the hash you entered.nnthis could prove helpful if the password you choose is 7 chars or less in length, but to generate a database with 8 chars or more with alpha(small and capital)+numbers+special chars will take huge amount of space and also long generating time ...nnfor an 8 chars pass of alpha either small or capital with numbers and up to 10 allowable special chars, the pass space is 72^8+72^7+72^6 .... + 72^1 ... assuming a minimal size of 40 bytes as space for the pass + the hash ... my computer wont give an answer for that ... but it will take multi TBs with weeks if not months of generating ....nnwither your pass is salted or not ... choose it to be 9 chars or more, with at least 1 number, 1 special char, 1 alpha capital and the rest as alpha small and your safe from getting your pass cracked as the chances of you being tricked into a false login or having your session stolen will be 1000s of time greater of your pass being cracked .... Not cracked in less than a second precomputed passwords are actully a password and its md5 hash stored in a database then a matching will be checked for the hash you entered.nnthis could prove helpful if the password you choose is 7 chars or less in length, but to generate a database with 8 chars or more with alpha(small and capital)+numbers+special chars will take huge amount of space and also long generating time …nnfor an 8 chars pass of alpha either small or capital with numbers and up to 10 allowable special chars, the pass space is 72^8+72^7+72^6 …. + 72^1 … assuming a minimal size of 40 bytes as space for the pass + the hash … my computer wont give an answer for that … but it will take multi TBs with weeks if not months of generating ….nnwither your pass is salted or not … choose it to be 9 chars or more, with at least 1 number, 1 special char, 1 alpha capital and the rest as alpha small and your safe from getting your pass cracked as the chances of you being tricked into a false login or having your session stolen will be 1000s of time greater of your pass being cracked ….

]]> By: MD5 Hashes in Cocoa « Tom Dalling http://www.tomdalling.com/blog/security/crack-an-md5-hash-in-less-than-a-second/comment-page-1#comment-129 MD5 Hashes in Cocoa « Tom Dalling Thu, 24 Sep 2009 03:23:37 +0000 http://www.tomdalling.com/?p=146#comment-129 [...] if the hash is generated from sensitive information such as passwords, then you should be aware of hashes weakness to precomputation attacks. Basically, make sure you sprinkle some salt [...] [...] if the hash is generated from sensitive information such as passwords, then you should be aware of hashes weakness to precomputation attacks. Basically, make sure you sprinkle some salt [...]

]]>