* Mike Fratto (mfratto@xxxxxxx) wrote: > Since the salt is known, it has no effect on the "keyspace" because you > don't have to guess it. If there was no salt, then pre-computing a > dictionary is a much smaller task. That's the whole point of the discussion- the way Postgres's pg_shadow stuff works the salt is known and *because* of that it might as well not exist since it means that you can pre-compute the keyspace. Knowing the salt means you can pre-compute the keyspace ahead of time. If you don't know the salt until you've gained access then you'll have to wait till then to begin computing the keyspace. I suppose technically you could start pre-computing the keyspace before then, but then it's a much larger keyspace which makes it much more difficult. Stephen
Attachment:
signature.asc
Description: Digital signature