Quote:
Originally Posted by Mauzen
You can crack them all. Without salt its a matter of milliseconds.
|
I'd say that entirely depends on if someone has already created a database of all the possible input - hash references and even then what if your password isnt in those bounds? Not to mention the time required to traverse such a large database. I don't think those are milliseconds at all not to mention that it has become quite popular among some industries to hash the password for minutes, in order to increase the time required to create such a database.
However yes, salt's definitely add a giant layer of security. However the combination of hashing multiple times and a salt make the time required to crack it so vast, it is a pointless task at this point.
