Skip to main content
Information Security

You are not logged in. Your edit will be placed in a queue until it is peer reviewed.

We welcome edits that make the post easier to understand and more valuable for readers. Because community members review edits, please try to make the post substantially better than how you found it, for example, by fixing grammar or adding additional resources and hyperlinks.

7
  • 2
    Since it is beyond brute force, do you use 64-bit hashes per chance? Commented Apr 22, 2014 at 17:21
  • 35
    It's beyond brute force, except for the answer above in which it was brute forced. Commented Apr 22, 2014 at 19:18
  • 10
    @corsiKa The accepted answer brute-forced "SaltMe" or "SALTME", not the requested "SALT ME!" The difference between 6 and 8 characters is extremely significant here. Commented Apr 22, 2014 at 19:38
  • 4
    He was able to do it in under an hour on a single machine, including setting up the app. Adding a character would make it take around 2 days, which is very reasonable. Considering there weren't many optimizations made (answerer estimated he could make it roughly 10x faster with good optimizations) and that someone with the setup to just throw something like that together probably has a couple machines to parallelize it on, it appears a password could be brute forced in a week or two. Certainly feasible for something OP only needs once. Commented Apr 22, 2014 at 19:51
  • 10
    Except he bruteforced 6 6-bit chars, 2^36, which is far less than even "SALTME" in 8-bit which would be 2^48 Commented Apr 23, 2014 at 6:30