Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

MD5 is long considered a broken, weak hash algorithm. Here is the MD5 hash of a password:

d9afca35a87a2af4168500640fcf2370

Password is 16 characters long, all lower case, no numbers, no special symbols.

Please tell me the password.



What percentage of people do you think actually use 16 character passwords?


Probably pretty low.

I use 64 character passwords, or if there is a length limit, always the longest possible. That’s the beauty of using a password manager :)


Do you use 64 character master password?


One advantage about having memorized a bunch of poetry back in the day is I have a lot of secure long passphrases to hand

Aesop, my author, makes mention of two mice and they were sisters dear 1234567890123456789012345678901234567890123456789012345678901234567890

70 and little effort


I consider mine pretty long, and it's right around 30 characters.


56 billion md5 hashes per second for $1.80 per hour at OVH. (single Nvidia Tesla v100 GPU)

Still a no-go for plain old brute forcing all a-z combinations. But, if your password is some combination of actual words, common keyboard sequences, or anything else in a password dictionary, it's cracked pretty quick/cheap.


The best I could find is this

https://stackoverflow.com/questions/10041298/how-to-recover-...

But can you show me the way how you'd go on about this? Really curious.


You can't. That's the point of the post. There is no known feasible pre-image attack on MD5.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: