[Discuss] KeePassX

[Bill Horne]

On 7/23/2013 10:43 PM, Tom Metro wrote:
> (It seems most hack attempts we hear about lately have been against 
> fairly inconsequential
> sites, where the hackers must be primarily after validated email 
> addresses, and hoping
> users have reused passwords on multiple sites.)

They are primarily after the password hashes as well as the email 
addresses. The addresses are the user id's for multiple sites, and the 
hashes allow a "Dictionary attack", where they just run every word in 
the dictionary through a hash function, and see what matches.

Since my password isn't in a dictionary, and doesn't contain any common 
substitutions that would allow for guessing, I'm not concerned about the 
breach.

Bill

-- 
Bill Horne
339-364-8487