• lemmyvore@feddit.nl
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Offline password cracking is still very much a thing. They steal the entire password database then crack it offline at their leisure, not live against the regular login.

    Several measures are required to defend against this:

    • Hash seeds defend against rainbow tables.
    • Password length & complexity as well as using computationally-intensive hash algorithms defend against the brute-force cracking.
    • Password managers help with length and complexity, sad well as promote not reusing passwords.