I ran across this today and have never seen a matrix quite like this. I am skeptical. Jason, have you see this? I would love to hear your thoughts:
http://www.lockdown.co.uk/?pg=combi&s=articles

Gerard, it makes a lot of sense. Not sure how they made the calculations, but the iterations should be the number of characters in the passwork raised to the power of the number of possible different characters in the password.

So if I took a 60 character password where each character could be 96 different possiblities. You'd get roughly 5e+170. Dividing that by 100 billion passwords per second give you roughly 5e+159. Next we divide by 3600/24/365 to get 1.58e+152 years. So even if we increase the cracking power by 1 billion we still get 1.58e+143 years. In case anyone isn't familiar with the e notation that is 1.58 with 143 zero's.

The real problem is how do I create a password that long in such a manner that I don't lose it, but no one can get it.

Pete

-{ Quote: "
The real problem is how do I create a password that long in such a manner that I don't lose it, but no one can get it.
Pete" }-
This password safe has a password generator built in http://www.keepass.info/ you can make a 90 character password if you want, uppercase; lowercase; digits; minus; underline; space; special characters; Brackets; High ANSI characters. The password generator will also tell you the bit strength of the password and it is freeware.

It's the computer speeds that are suspect to me. I've never seen this "class of attack" scale before.

On edit: Under their matrix, it shows even the best key cracked in just under 84 days. I have never heard of anything like that and I don't believe it. In that case, everything is already cracked in a practical sense. This is a very controversial matrix they are using. Again, I'd like to hear what JT thinks.

-{ Quote: "It's the computer speeds that are suspect to me. I've never seen this "class of attack" scale before.

On edit: Under their matrix, it shows even the best key cracked in just under 84 days. I have never heard of anything like that and I don't believe it. In that case, everything is already cracked in a practical sense. This is a very controversial matrix they are using. Again, I'd like to hear what JT thinks." }-


I agree with you on the times on that matrix. I significantly increased the passwords per second and the upped the processing power, and I don't come close to their times.

Pete

Possible use of a quantum CPU? If this is the case then very easily done. Although to some a quantum CPU don't exist yet... ;D

sorry, i might be reading it wrong, but the 'best' password presented in the matrix is B33r&Mug. that would be cracked by a Class F in ~84 days.

however, class f = Typical for medium to large scale distributed computing, Supercomputers.

class d = Fast PC, Dual Processor PC. then it's 23 years.


using pre-computed tables, like rainbow tables, one could break a alpha numeric symbol32 password up to 14 characters (in plaintext) in length within minutes.

however, computing those tables would take months even if you distribute the load over several computers, not to mention that it would probably reach one terabyte in size.