Salts: 4096 (64x64)

Character sets (size):
  A: a-z (26)
  B: a-z, A-Z (52)
  C: a-z, A-Z, 0-9 (62)
  D: a-z, A-Z, 0-9, shift0-9 (72)
  E: a-z, A-Z, 0-9, shift0-9, punctuation (94)

Entries in a full lookup table (set size ^ password length x 4096 salts):

Length             A             B             C             D             E
     1        106496        212992        253952        294912        385024
     2       2768896      11075584      15745024      21233664      36192256
     3      71991296     575930368     976191488    1528823808    3402072064
     4    1871773696   29948379136   60523872256   1.10075E+11   3.19795E+11
     5   48666116096   1.55732E+12   3.75248E+12   7.92542E+12   3.00607E+13
     6   1.26532E+12   8.09804E+13   2.32654E+14    5.7063E+14   2.82571E+15
     7   3.28983E+13   4.21098E+15   1.44245E+16   4.10854E+16   2.65616E+17
     8   8.55356E+14   2.18971E+17   8.94321E+17   2.95815E+18   2.49679E+19
     9   2.22392E+16   1.13865E+19   5.54479E+19   2.12987E+20   2.34699E+21

Same table in terabytes (1 terabyte = 1E+12, one byte per entry):

Length             A             B             C             D             E
     1   1.06496E-07   2.12992E-07   2.53952E-07   2.94912E-07   3.85024E-07
     2    2.7689E-06   1.10756E-05    1.5745E-05   2.12337E-05   3.61923E-05
     3   7.19913E-05    0.00057593   0.000976191   0.001528824   0.003402072
     4   0.001871774   0.029948379   0.060523872   0.110075314   0.319794774
     5   0.048666116   1.557315715    3.75248008   7.925422621   30.06070876
     6   1.265319018   80.98041718    232.653765   570.6304287   2825.706623
     7   32.89829448   4210.981694   14424.53343   41085.39087   265616.4226
     8   855.3556565   218971.0481   894321.0725   2958148.142   24967943.72
     9   22239.24707    11386494.5   55447906.49   212986666.2    2346986710

So a password of 6 characters using only a-z would require ~1.2 terabytes to store it, not too bad. A password of 6 characters with a-z, A-Z, 0-9 would require ~230 terabytes (poetic license taken for database storage/indexes/compression/etc). The moral of the story: you need to protect the password file, since an attacker can glean the salt used from it, reducing their workload considerably (by a factor of 4096).
You also need to make users choose strong passwords; if they choose a word you are probably up the creek. Taking a dictionary with 4 million words (i.e. almost all words, names, etc., including foreign languages) you can hit a lot of passwords; in tests I have seen, usually 1-5% of passwords are set to the username, system default, or something like "password", meaning an attacker can get their foot in the door easily. The "problem" with crypt is it is relatively "cheap" to run through combinations/etc. MD5 and Blowfish provide a much stronger one way hash and the attacker will need a lot more time to generate a lookup database or brute force them. I.e. it is much less harmful if someone steals the /etc/shadow from my OpenBSD box (which uses Blowfish) as opposed to a crypt'ed password file off a SuSE box. Now I need to eat breakfast.

Kurt Seifried
SecurityPortal, your focal point for security on the net
http://www.securityportal.com/
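The arithmetic behind the tables above, as an added example that is not part of Kurt Seifried's post: it rebuilds the entry counts and terabyte figures (set size ^ length x 4096 salts, at the post's one byte per entry), and then goes one step beyond the post to show the factor-of-4096 point concretely: once the two salt characters are read out of a stolen password file, the attacker only needs the table for that one salt. The hash is a stand-in (SHA-256 over salt+password, labelled toy_crypt) rather than real crypt(3), and the "alice" shadow line is constructed for the demo, not real data.

```python
"""Added example, not code from the original post.

Assumptions: one byte per lookup-table entry (the post's poetic license),
decimal terabytes (1E+12), and toy_crypt() as a stand-in for crypt(3).
"""
import hashlib
import itertools
import string

CRYPT_SALTS = 64 * 64      # crypt(3): two salt chars from a 64-symbol alphabet = 4096
TERABYTE = 10 ** 12        # the post divides by 1E+12
CHARSETS = {               # the post's five character sets and their sizes
    "a-z": 26,
    "a-z, A-Z": 52,
    "a-z, A-Z, 0-9": 62,
    "a-z, A-Z, 0-9, shift0-9": 72,
    "a-z, A-Z, 0-9, shift0-9, punctuation": 94,
}


def table_entries(charset_size, length, salts=CRYPT_SALTS):
    """Entries a complete precomputed table needs: every password under every salt."""
    return charset_size ** length * salts


def table_terabytes(charset_size, length, salts=CRYPT_SALTS, bytes_per_entry=1):
    """Storage for that table at a (generous) bytes_per_entry, in decimal terabytes."""
    return table_entries(charset_size, length, salts) * bytes_per_entry / TERABYTE


def storage_table(max_length=9):
    """Rebuild the post's terabyte table: {charset name: [TB for length 1..max_length]}."""
    return {name: [table_terabytes(size, n) for n in range(1, max_length + 1)]
            for name, size in CHARSETS.items()}


def toy_crypt(salt, password):
    """Stand-in for crypt(3) (assumption): 2-char salt prefix + hex(SHA-256(salt||password)).
    Like crypt, the salt is stored in the clear in front of the hash."""
    return salt + hashlib.sha256((salt + password).encode()).hexdigest()


def build_table(salt, alphabet=string.ascii_lowercase, length=3):
    """Precompute hash -> password for ONE salt: what the attacker builds after
    reading the salt out of the stolen file. 26**3 entries, not 26**3 * 4096."""
    return {toy_crypt(salt, "".join(chars)): "".join(chars)
            for chars in itertools.product(alphabet, repeat=length)}


def crack_shadow_line(line, tables_by_salt):
    """Recover the password for a 'user:hash' line using only the table for its salt."""
    user, stored = line.split(":", 1)
    salt = stored[:2]
    if salt not in tables_by_salt:
        return user, None
    return user, tables_by_salt[salt].get(stored)


# Constructed sample shadow line (salt "ab", password "cat"); not real data.
SAMPLE_SHADOW = "alice:" + toy_crypt("ab", "cat")


def demo():
    """Returns (user, recovered password, entries actually built,
    how many times larger the salt-blind table would have been)."""
    salt = SAMPLE_SHADOW.split(":", 1)[1][:2]          # salt is readable from the file
    one_salt_table = build_table(salt)
    user, password = crack_shadow_line(SAMPLE_SHADOW, {salt: one_salt_table})
    saving = table_entries(26, 3) // len(one_salt_table)
    return user, password, len(one_salt_table), saving


if __name__ == "__main__":
    for name, row in storage_table().items():
        print(f"{name:40s}", " ".join(f"{tb:12.4g}" for tb in row))
    print(demo())   # salt known -> 17576 entries instead of 71991296
```

With the salt known the attacker builds 17,576 entries for 3-character lowercase passwords instead of the 71,991,296 the first table lists for length 3; the 4096x saving is exactly the number of salts. A 128-bit salt (the size Blowfish-based bcrypt uses) would make the salt-blind table bigger by 2**128 rather than 4096, which is why the salt-blind precomputation stops being an option there.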