The growing use of graphics cards as surrogate supercomputers could spell trouble for users of short passwords.
Researchers say the growing number of processors on graphics cards will soon make it trivial for them to crack short passwords.
A password of seven characters or less will soon be "hopelessly inadequate" they claim.
The researchers suggest passwords should be at least 12 characters long to be safe.
3:40 pm on Aug 13, 2010 (gmt 0)
I can't believe that I still encounter sites hosting financial or sensitive data that restrict the password to short lengths and the characters to letters and numbers. Since the passwords should be encrypted when stored in the database it seems pointless to restrict the original size to such a short length. And allowing only alpha-numeric characters is just defenseless.
4:41 pm on Aug 13, 2010 (gmt 0)
Graphics processors--or any computing platform used for password cracking--are only useful for that purpose if the encrypted version of the password is known. This is therefore only a concern if the password database can be obtained from a system without extended user privileges. That itself is a security threat on its own.