There's some interesting additional commentary on the F-Secure Blog (http://www.f-secure.com/weblog/archives/00002228.html). Looks like they'd been breached multiple times.
The problem with that approach is that people are very bad at remembering random strings of text, so they're likely to write this down or copy it somewhere on their computer. Depending on the attack scenarios, that may…
Typically attackers do this during an offline brute-force attack (where they have a copy of the hashed password, probably along with other user information from the database). The attack is done by getting a list of…
There's some interesting additional commentary on the F-Secure Blog (http://www.f-secure.com/weblog/archives/00002228.html). Looks like they'd been breached multiple times.
The problem with that approach is that people are very bad at remembering random strings of text, so they're likely to write this down or copy it somewhere on their computer. Depending on the attack scenarios, that may…
Typically attackers do this during an offline brute-force attack (where they have a copy of the hashed password, probably along with other user information from the database). The attack is done by getting a list of…