Ars was briefly hacked yesterday; here’s what we know

Jump to latest Follow Reply
Status
You're currently viewing only taiganaut's posts. Click here to go back to viewing the entire thread.
Not open for further replies.
Muted (0)
Sort by date Sort by votes
T

taiganaut

Ars Scholae Palatinae
1,261
  • #137
    [url=http://meincmagazine.com/civis/viewtopic.php?p=28140899#p28140899:3v55d5lf said:
    ChrisSD[/url]":3v55d5lf]
    [url=http://meincmagazine.com/civis/viewtopic.php?p=28140841#p28140841:3v55d5lf said:
    Threz_[/url]":3v55d5lf]It's unfortunately that Ars is tied down with phpBB's decision to only offer MD5 in the name of compatibility.
    Click to expand...
    Well technically they can replace the phpbb password routine with their own, custom, routine but that is a bit of work to create and maintain.
    Click to expand...
    A patch that calls PBKDF2 or bcrypt, run every time the underlying phpBB *hrk* is upgraded?
     
    Upvote
    1 (1 / 0)
    T

    taiganaut

    Ars Scholae Palatinae
    1,261
  • #144
    [url=http://meincmagazine.com/civis/viewtopic.php?p=28140951#p28140951:v9zc0qsf said:
    godel[/url]":v9zc0qsf]The borderline for PRACTICAL safety is probably about 10 random characters, unless you're trying to keep the government out, so the twenty characters he's using are plenty.
    Click to expand...
    No, the bare minimum now is about 12 characters, and 15 to be safe.

    "In 2010, the Georgia Tech Research Institute developed a method of using GPGPU to crack passwords, coming up with a minimum secure password length of 12 characters.[12][13][14]"
     
    Upvote
    1 (1 / 0)
    Status
    You're currently viewing only taiganaut's posts. Click here to go back to viewing the entire thread.
    Not open for further replies.
    Jump to latest Follow Reply
    Jump to latest Follow Reply