passwords! (including long passwords with poor entropy)

[coderman]

On Tue, Nov 12, 2013 at 6:08 PM, brian carroll
<electromagnetize at gmail.com> wrote:
>...
> yet what if the passwords 'length' were not the issue, such that a 20
> character string (of several number.words with several intermixed
> special characters) could still be successfully attacked, given those
> limited parameters.

this summer oclHashCat-plus got an upgrade (experimental) for support
to 64 characters of search space (55 or more depending on algo).

obviously this length implies a more intelligent / direct search
through the key space, which, if limited to a much smaller character
set, becomes practically attack-able...


in fact, optimizing the path of a dict cruncher like oclHashCat or
Hashkill for best performance against a particular target set is an
enjoyable art unto itself ;)