Quote:
Originally Posted by Strateg0s
You need more than just a password. A hardware key + a password is a way to go. If you just have a password, it can be brute force cracked in a few days, no matter if it is 64 characters of gibberish. It's like putting the combination in a strongbox in front of a vault door. As soon as the strongbox is compromised, so is the vault. Adding in a hardware key would be sort of like adding a retina scanner. sorta.
|
Sorry Strat but that's not true according to the computer geeks I've talked with. Breaking a password can't be done like in the movies where they can break one letter at a time. Here's why:
A 30 character (the lowest the computer geeks recommend) nonsensical password would have over a Nonillion possible combinations. See below for what a Nonillion is.
The time required by a supercomputer like a Cray to do this would stretch into the months. It's just not going to happen except in the most extreme cases.
Here's how to determine the possible number of combinations a computer would have to search to come up with the correct password:
A 5 number password...
5x4x3x2 = 120 possible combinations... extremely easy
A 8 number password...
8x7x6x5x4x3x2 = 40,320 possible combinations, a little difficult
A 20 number password...
20x19x18x...x2 = 2,432,902,008,176,640,000 possible combinations... almost impossible.
For those of you who don't know what this number is, it is 2.4 Quintillion, and one Quintillion is a thousand, thousand, Trillion.
Strat, by the time we get to the recommended 30 character passwords, we're talking about the number of possible passwords being a Nonillion. Which most people have never heard of because it's basically an incomprehensible number and essentially a password of this length is unbreakable. Unless someone wants to put a Cray supercomputer to the task for several months, which unless you're bin laden, probably won't happen.
Best regards,
MaxRep