Timeline for How can I create a password that says "SALT ME!" when hashed?
Current License: CC BY-SA 3.0
8 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Apr 23, 2014 at 17:51 | comment | added | miniBill | @KevinLi 64-bit would lower the barrier needed for second preimage considerably. Also, birthday paradox. | |
| Apr 23, 2014 at 17:50 | comment | added | miniBill | Now, 2^48 is far less than 2^64, and it is in fact bruteforceable (it would take ~4096 hours on Tom's machine) | |
| Apr 23, 2014 at 6:30 | comment | added | miniBill | Except he bruteforced 6 6-bit chars, 2^36, which is far less than even "SALTME" in 8-bit which would be 2^48 | |
| Apr 22, 2014 at 19:51 | comment | added | corsiKa | He was able to do it in under an hour on a single machine, including setting up the app. Adding a character would make it take around 2 days, which is very reasonable. Considering there weren't many optimizations made (answerer estimated he could make it roughly 10x faster with good optimizations) and that someone with the setup to just throw something like that together probably has a couple machines to parallelize it on, it appears a password could be brute forced in a week or two. Certainly feasible for something OP only needs once. | |
| Apr 22, 2014 at 19:38 | comment | added | Mike Scott | @corsiKa The accepted answer brute-forced "SaltMe" or "SALTME", not the requested "SALT ME!" The difference between 6 and 8 characters is extremely significant here. | |
| Apr 22, 2014 at 19:18 | comment | added | corsiKa | It's beyond brute force, except for the answer above in which it was brute forced. | |
| Apr 22, 2014 at 17:21 | comment | added | Kevin Li | Since it is beyond brute force, do you use 64-bit hashes per chance? | |
| Apr 22, 2014 at 16:41 | history | answered | miniBill | CC BY-SA 3.0 |