|
On Jan 16, 2014, at 5:13 PM, Rena <hyperhacker@gmail.com> wrote:
Agreed .. but would you be ok with a hacker taking two months to quietly break into your bank account? There are two distinct issues here: — Time taken to crack credentials, which can be mitigated by introducing successively longer delays at each failure. — Password deduction based on timing of algorithms, which can be mitigated by introducing time delay jitter that swamps algorithm time with jitter “noise”. —Tim |