![How secure is your password? [880x880 - 1.02MB]](https://pic8.co/sh/zHlpLg.png){kind=link}
Just add a second or so to each login attempt. This is already done by bcrypt, luks and probably most other sane systems that are also "timing attack" safe (research.kudelskisecurity.com).
Just add a second or so to each login attempt. This is already done by bcrypt, luks and probably most other sane systems that are also ["timing attack" safe](https://research.kudelskisecurity.com/2013/12/13/timing-attacks-part-1/).
This works for remote systems. Once you have local access, or the hashed database, all bets are off.
This works for remote systems. Once you have local access, or the hashed database, all bets are off.
True.
True.
(post is archived)