Re: Overriding cakephp core functions

On Wed, Sep 14, 2011 at 8:33 AM, Chris Cinelli <chris.cinelli@formativelearning.com> wrote:

According to: http://research.microsoft.com/pubs/74164/www2007.pdf ~20% of Fidelity, ~20% of NY Times, ~15% of Paypal have a password with bit strength of 30 or less. According to that study, this mean that If I know the hash and salt, you need to try just 2^30 total combinations to find the password of 45% of Paypal users.  Using a ATI HD 5970 (that you can find at $499 at Buy.com and http://www.golubev.com/hashgpu.htm you can try 2,300,000 SHA1 hashes a second.

No you can't - you'd need 45% of PayPal User's usernames... And the db table of passwords to check against...neither of which is trivial to get.

if it was this easy, everyone would have 45% of paypal user's passwords....

--
Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions.
 
 
To unsubscribe from this group, send email to
cake-php+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php