Re: How Many Permutations Make a Password Effectively Impossible to Brute Force Calculate?



"Thor Kottelin" <thor@xxxxxxxx> wrote in message
news:R6Pfp.23289$mX5.19556@xxxxxxxxxxxxxxxxxxx
"W" <persistentone@xxxxxxxxxxxxxx> wrote in message
news:LK-dneGt469cKuLQnZ2dnUVZ_q4AAAAA@xxxxxxxxxxxxxxx
"unruh" <unruh@xxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:slrninrdkt.obc.unruh@xxxxxxxxxxxxxxxxxxxxxxxxxx
On 2011-03-14, W <persistentone@xxxxxxxxxxxxxx> wrote:
If you construct a password from smallcase letters, you effectively
have
24
permutations per character. If you construct a password from
uppercase
and
lowercase and add in 10 number digits, you increase that to 58
permutations
per character in the password.

How many permutations effectively make it impossible - with modern
computers - to brute force calculate a password?

Depends on how long you are willing to spend.

I don't think that's quite correct. At a certain number of
permutations, even 10K computers couldn't brute force the password in 10
years, working 24x7.

I'm trying to objectify this. So "depends" isn't a useful answer.

I am not a cryptologist, but I think an exact answer would require exact
values for "modern computers", both in terms of quantity and performance.
Does the attacker have access to a couple of PCs, to a botnet grid or to
the combined supercomputer capacity of several Western governments?

The attacker has 10K Intel 3GHz quad core computers.


You are probably familiar with the results e.g. distributed.net has
achieved.

No I am not.

--
W


.



Relevant Pages