Number of attempts to brute force an average password / non intrusive yet meaningful limits?
- 阅读更多 关于 Number of attempts to brute force an average password / non intrusive yet meaningful limits?
问题 There are several useful answers on SO regarding prevention of brute forcing a password of a web service by applying throttling. I couldn't find any good numbers though and I have little expertise in this area, so the question is: How many attempts does it usually take to brute-force an average password of 6 or more characters (with no additional knowledge that may help, but taking into account that passwords are probably prone to dictionary attacks) and based on that, what are meaningful