Marcin Juszkiewicz wrote:
> 9 characters password in 2022 is considered 'easy breakable' thanks to
> power of GPUs.
To "break" the password offline with a GPU, you need a hashed password to
begin with. If I log in securely over HTTPS and if the server is not
compromised (and neither is my computer), you do not get my password,
neither hashed nor unhashed. So then you need to actually brute-force the
password by logging in to the server, the GPU will not help you a bit, and
you will likely get blacklisted pretty quickly. So I see this as an absolute
non-issue.
> Maybe start using some password manager to generate and store long
> enough passwords?
Well, yes, I store the password in KWallet, so it was not a major
inconvenience to have to generate and store a new one. It was just an
entirely unnecessary inconvenience.
Kevin Kofler
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
