Security through Reverse Psychology

Let’s face it. We’re all losing the password length arms race.

Today’s GPUs can process two teraflops (a trillion floating-point operations per second), which means that my nephew’s high end gaming PC has roughly the same processing power as a multi-million dollar super computer did ten years ago.

Thanks to the power of the GPU and modern algorithms like rainbow tables, there are now commercial products available that can churn through nearly 3 billion passwords a second on a standard desktop computer

This may prompt the more conventional among us to follow the advice of a pre-eminent researcher in the field like Richard Boyd, who recommends a minimum password length of 12 characters to protect against brute force attacks.

Then again, you might be inclined to follow the Adobe way and try to outwit hackers with some cutting edge reverse psychology self-defense.

Adobe_fail

I know…you’re probably wondering why any moron ever thought it was a good idea to limit the password length as part of their security policy.

But think about it…

If I were a hacker, I would naturally assume that such a pre-eminent software company like Adobe would require at least a minimum of 12 characters. As a result, I would tailor my brute force attack to focus only on lengths above that threshold, thereby making their systems impenetrable.

Brilliant!

…and I thought that Adobe only excelled at creating massively bloated and annoying software that nobody in their right mind uses anymore.

7 Comments

  1. EvilKiru June 3, 2011 8:01 am 

    I gave up on Foxit when it proved impossible to install it on Windows 7 64-bit without it requiring admin privs to run.

  2. Karl Katzke June 4, 2011 8:44 am 

    Hey, look at it this way. The most likely reason that you’d cap the password length is that they’re storing it in clear text, and it’s only a varchar(12) or equivalent in the database. This is probably a nice big target on Adobe’s side, and maybe getting hacked will cause even more people to abandon the Flash “platform”.

  3. research papers November 20, 2012 4:06 am 

    Very interesting! Thanks for post.

  4. customessays review January 29, 2013 5:19 pm 

    What’s more, the income level at which the highest !

  5. samedayessay essay questions January 29, 2013 5:20 pm 

    I appreciate very much the effort you put into your writing style, keep up the good work!

  6. Guess watches sale July 22, 2013 7:53 pm 

    much the effort you put into your writing style, keep up the good work!

Leave a Reply