Quote:
|
Originally Posted by nofx
you can still always bruteforce
|
Note that with good passwords it would have to be a true
brute force attack and not the far more common and
much easier dictionary attack. With reasonably long passwords
and MD5 a brute force attack would take a very long time.
It'd be possible to do, but why bother when it just takes a
few minutes to rip the whole password file of some other site?
Also Strongbox will prevent a web based brute attack.
To even attempt a brute force attack they first have to get the
password list.
__________________
For historical display only. This information is not current:
support@bettercgi.com ICQ 7208627
Strongbox - The next generation in site security
Throttlebox - The next generation in bandwidth control
Clonebox - Backup and disaster recovery on steroids