search for: dictionaty

...eans that > hackers have access to my passwords hashes (eg. hackers stolen my database). > > My Dovecot use passwords saved in database as SHA256 and hackers can use > only SMTP, IMAP or POP3 services to try crack it using dictionary attack (I > understand that they using plain text dictionaty passwords). > > Stronger hash algorithm and salt is useful when hackers have direct access > to my database but when they use services as SMTP, IMAP or POP3 > to crack passwords only longer and more complicated password can be more > secure. > > I do not understand this corre...

Aki Tuomi wrote: > The use of salt, today, is to prevent the attacker from directly seeing > who has same passwords. Of course it also will make a rainbow table > attack less useful, Not just less useful, but almost infeasible. Given the use of random salts, you would have to generate (number of possible salts) rainbow tables. This drastically changes the CPU/storage tradeoffs. >