[a / b / c / d / e / f / g / gif / h / hr / k / m / o / p / s / t / u / v / vg / vm / vmg / vr / vrpg / vst / w / wg] [i / ic] [r9k / s4s / vip] [cm / hm / lgbt / y] [3 / aco / adv / an / bant / biz / cgl / ck / co / diy / fa / fit / gd / hc / his / int / jp / lit / mlp / mu / n / news / out / po / pol / pw / qst / sci / soc / sp / tg / toy / trv / tv / vp / vt / wsg / wsr / x / xs] [Settings] [Search] [Mobile] [Home]
Board
Settings Mobile Home
/g/ - Technology


Thread archived.
You cannot reply anymore.


[Advertise on 4chan]


File: file.png (91 KB, 1031x1112)
91 KB PNG
How long does my password need to be to stop hackers for 10 - 20 years?
>>
Just don't be worth "Hacking".
>>
your fukd because quantum computers will be around in 2 years and they can try all passwords at once
>>
>>109244181
>i'm retarded
quantum computers *may* be able to break asymmetric encryption. which passwords don't use
>>
>>109244137
use mfa
>>
You're supposed to use passwords like
"anonwasanonbelieverbuthegotconverted"
>>
>>109244181
i ended up at 30 character + special + number because gemini pro told me a quantum can't break it though
>>
>>109244137
Open brute force attacks are completely out of date.
Unless you are handling state secrets, almost nobody worth their salt is going to bother.
>>
>>109244705
the problem with having a dog ass password is that everything was already bruteforced "da hackers" already have lists of dehashed
>>
>>109244195
Not entirely true. There is a general quantum algorithm for a NP-Complete problem which is O(2^(n/2))
Which means a 16 char password can be cracked on quantum as it would be 8 char ...
>>
>>109244137
It all depends what it's on. For instance if it's on something like an ATM card where a central server will lock it out after 5 incorrect attempts and require you to go talk to someone in person to unlock it, a 4-digit numeric PIN is enough. If it's going back and forth with a server for every guess and the server can rate-limit the attempts, somewhat longer but still fairly short will do. But if it's on a hash or encrypted file that the attacker has locally on their machine and can do millions of attempts a second, you need something way longer.
>>
>>109244195
passwords on websites are not symmetric cryptography
you literally send the plaintext password to the server in almost all cases
>>
>>109245312
>plaintext
Over TLS yes. Someone spying on the traffic can't see it.
>>
>>109245326
if they broke asymmetric cryptography and recorded the key exchange they could very well be listening
>>
>>109244137
Nonexistent since its more about leaks, phishing and social engineering at this point rather than length
>>
File: 1774076811378332.png (1 KB, 24x29)
1 KB PNG
>>109244236
>anon was anon be lie verb u the go t conver ted
idgi
>>
>>109245438
if they can break a 2048-bit encrypted text, we've got worse problems than your pornhub password being leaked
>>
>>109245457
>leak
this guy explained what happens on a leak

>>if it's on a hash or encrypted file that the attacker has locally on their machine and can do millions of attempts a second, you need something way longer.
>>109245242
>>
>>109244771
that's why salts exist
>>
>>109244137
tree fiddy
>>
>>109246081
You don't have control over (or usually even knowledge of) whether a site's devs used salts, or even hashed their passwords. But you do have control over whether you used a crapass password like Password1!.
>>
>>109244137
Enough characters to stop YOU from giving it to some cute girl that is actually a russian hacker.
>>
>>109244137
doesn't provide entropy readout
>>
>>109245947
Follow the chain retard, that's not what the guy was claiming. He claimed he was safe because passwords encrypted his data with symmetric encryption.
>>
That looks vibe coded.
>>
>>109245947
Yes, breaking 2048-bit RSA is exactly the problem that quantum computers pose. And unless you are using post-quantum encryption strategies now, you are vulnerable to a "store now, decrypt later" strategy.
>>
8 words
>>
>>109244137
You need to use PQC.
>>
>>109244137
Write a program that goes through all versions of 8 printable ascii chars. Divide the duration by the number of printable ascii chars (127 I believe) power of 8. You know have how long it takes to do 1 try on an average computer. Divide that by however much faster the fastest computer in the world is. Then divide by average increase in performance-per-watt of the past 5 years.
Then find by how much you have to multiply that number by in order to get a duration over 100y.

Or, you know just have a password of 40 random ascii chars, that's probably good enough.
>>
File: file.png (78 KB, 1029x1060)
78 KB PNG
>>109250088
you had a convincing argument im gonna use 40 instead of 30



[Advertise on 4chan]

Delete Post: [File Only] Style:
[Disable Mobile View / Use Desktop Site]

[Enable Mobile View / Use Mobile Site]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.