[plug] Is Red hat truly flawed?
Matt Kemner
zombie at wasp.net.au
Wed May 3 11:56:36 WST 2000
On Wed, 3 May 2000, Christian wrote:
> I'm going to take this question literally and assume you are asking what
> prevents bcrypt from being vulnerable to a precomputed dictionary
> attack. The simple answer is that bcrypt uses an 128-bit salt.
But if you have the password, you have the salt, right?
So you can still compile your dictionary on-the-fly (eg with john the
ripper)
- Matt
More information about the plug
mailing list