Password Cracking question, what do we use instead of rainbow tables?

Well I've been thinking about building a PW cracking rig for a while on what is worth putting money into. I found this article and was intrigured. Especially when I came across this:

Rainbow tables are an ancient relic of the past that simply have no place in modern password cracking. Modern password cracking is highly dynamic and requires agility, flexibility, and scalability. Rainbow tables are static, rigid, and not at all scalable - they are the antithesis of modern password cracking. When you look at what the world's most successful password crackers — Team Hashcat, Team CynoSure Prime, Team Radeon 9800 — you'll see that none of them have touched rainbow tables in nearly a decade.

But the article doesn't mention what has replaced them, what is being used today. I'm not aware of anything new in the world, but I don't think the writer is wrong as a friend recently went to download to download the defcon tables and found most of the torrents are dead or damaged.

I know password lists/dictionaries are still being distributed but i'd be surprised to know we are going backwards if that is the case.

I know that distributed architecture is the best for cracking but that is out of my wheelhouse and it still doesn't explain what has replaced tables.

submitted by /u/sephstorm
[link] [comments]

from hacking: security in practice https://ift.tt/3qOPUDl

Comments