They’re basically trying to find the time to create duplicate UUIDs. UUIDs are randomly generated and assumed to be so unique and actually random across… well, everything, that no one even checks if they’re actually unique. They suggested they found one in 5 hours. The only maybe possible way I could think of to do this legitimately is to use some ridiculously powerful computer and still get very lucky.
Ah! And this is why I don’t really care that much about long passwords or things of that nature. If the attack is brute force, it could still get lucky and guess it in 5 hours just like this UUID thing!
The chance to get lucky and pick a long, random password is still ridiculously small. The chance to pick admin123 is ridiculously large. You see the difference?
They’re basically trying to find the time to create duplicate UUIDs. UUIDs are randomly generated and assumed to be so unique and actually random across… well, everything, that no one even checks if they’re actually unique. They suggested they found one in 5 hours. The only maybe possible way I could think of to do this legitimately is to use some ridiculously powerful computer and still get very lucky.
Ah! And this is why I don’t really care that much about long passwords or things of that nature. If the attack is brute force, it could still get lucky and guess it in 5 hours just like this UUID thing!
The chance to get lucky and pick a long, random password is still ridiculously small. The chance to pick admin123 is ridiculously large. You see the difference?