I try to explain how attackers would guess your password, should they get their hands on your encrypted data. There are some thoughts on the strength of real-world passwords and suggestions for your new password.

  • Gsus4@mander.xyz
    link
    fedilink
    arrow-up
    2
    ·
    24 days ago

    So we always assume passwords were unsalted? Or can they also brute force salts?

  • ExperimentalGuy@programming.dev
    link
    fedilink
    arrow-up
    1
    ·
    23 days ago

    This blog posts makes some weird assumptions. One that especially stood out to me was that when writing a password, someone would only capitalize the first letter. What? Its probably more common, but its definitely not the only letter someone would capitalize. There’s a few other assumptions like that, and I’m not sure where they’re coming from.