Re: Fwd: [Infowarrior] - How a cheap graphics card could crack your password in under a second

[David M Chess <chess () us ibm com>]

> What are the solutions? To be honest, I?m not sure. A combination of
> TPM, biometrics, passwords and maybe something else entirely new will
> be needed. But it?s clear that a complex password that users will
> actually accept for day-to-day authentication, and keep secret, might
> be history.

Or perhaps don't let the attacker try 10 million passwords per second? 

Really, if someone can ask "is THIS the right password?" as fast as he 
want to, you've already lost, and that's been true for a long time.

Not exactly new news, although it's fun to have the hard numbers for an 
OTC GPU...

DC


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.