Web lists-archives.com

Re: Password policy.




On Tue, Nov 13, 2018 at 12:49:17PM -0500, Gene Heskett wrote:
> On Tuesday 13 November 2018 11:23:13 peter@xxxxxxxxxxx wrote:
> 
> > Hi,
> >
> > https://www.debian.org/doc/manuals/debian-reference/ch04.en.html#_good
> >_password specifies "6 to 8 characters".  Is that adequate against
> > currently available brute force?
> >
> > Thanks,                                  ... Peter E.
> 
> "John the ripper" can find a 6 char word in a couple seconds on a slow 
> machine.

Against sha512? Or against old Unix crypt? There's a difference, and
it's measured in orders of magnitude, not times.

Reco