undefined | Better HN

0 pointsNegativeK1y ago0 comments

It's been a very long time, but: wouldn't Grover's algorithm apply to password hashes, shortening effective bit length by half?

That said, "double your password complexity/length" shouldn't be a problem if people are actually using password managers.

0 comments

Shank1y ago

I suppose if we look at the world strictly in terms of a "classic" hash, I believe the answer is yes. However, "modern" password hashes are designed to be memory and CPU intensive. Scrypt hashes, for example, are designed to "waste" cycles and memory to bolster security. The size of the underlying password can remain static while the requirements imposed by scrypt can change.

Granted, I'm sure many sites are still using bad hash-based algorithms like md5 without salt today. But modern applications are often built with the goal of slowing down even offline attacks with salting, memory consumption, and CPU cycle consumption. The goal isn't just slow, but costly.

j / k navigate · click thread line to collapse

0 pointsNegativeK1y ago0 comments

It's been a very long time, but: wouldn't Grover's algorithm apply to password hashes, shortening effective bit length by half?

That said, "double your password complexity/length" shouldn't be a problem if people are actually using password managers.

0 comments

Shank1y ago

j / k navigate · click thread line to collapse