> Even if the hashing algorithm is super fast, testing all combinations up to dozens of characters should still be impossible.
It's just time consuming, and compute time has gotten a lot cheaper. Advancement in GPU computing, cheap clouds, etc have really changed the game on this one since the invention of MD5 (which is why unsalted MD5 is such a bad idea now).
It's important to note that brute force is always technically possible, and the best hashing algorithms just consume more time. When we say "impossible" we really just mean "impossible to bruteforce before the heat death of the universe".
> And isn't there the possibility of collisions, so that even if you find a string that maps to the same hash, it might not be the original password?
That's correct, but if the hash is what's stored then the server is checking hash vs hash and a collision will result in login.
This is all coming from one computer security course, but I'm sure someone on HN can correct me if I've got any of this wrong.
It's just time consuming, and compute time has gotten a lot cheaper. Advancement in GPU computing, cheap clouds, etc have really changed the game on this one since the invention of MD5 (which is why unsalted MD5 is such a bad idea now).
It's important to note that brute force is always technically possible, and the best hashing algorithms just consume more time. When we say "impossible" we really just mean "impossible to bruteforce before the heat death of the universe".
> And isn't there the possibility of collisions, so that even if you find a string that maps to the same hash, it might not be the original password?
That's correct, but if the hash is what's stored then the server is checking hash vs hash and a collision will result in login.
This is all coming from one computer security course, but I'm sure someone on HN can correct me if I've got any of this wrong.