from Hacker News

Why I Don't Recommend Scrypt (2014)

by voctor on 4/9/18, 7:05 PM with 1 comments

  • by jandrese on 4/9/18, 7:44 PM

    What kind of threat model are you operating under where a 72 character password is insufficient?

    Even if your password consists entirely of lowercase ASCII letters that's still 7.5E101 possible combinations. 20 orders of magnitude more than the number of atoms in the observable universe.