Hacker News new | past | comments | ask | show | jobs | submit login

It's feasible if you use a commonly used password or if the attacker knows specific information about you or your password. Otherwise, it is pretty much impossible.

// this is about focusing on a single account. Nobody would ever bother with trying to crack the whole DB.




Not only that, but along with the email you may have higher value targets that you will spend more time checking or trying to brute force.

Even if it's a gmail user, if you get them, and they use the same password on their mail, poof, you're in.

What gets me is that banks of all places have the worst password abilities (for their web logins)... case insensitive, only letters and numbers.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: