[CentOS] Another Fedora decision

Wed Feb 4 23:36:59 UTC 2015
Warren Young <wyml at etr-usa.com>

> On Feb 4, 2015, at 4:14 PM, Les Mikesell <lesmikesell at gmail.com> wrote:
> 
> Not exactly - it just becomes a question of whether the complexity
> requirements imposed by the installer are really worth much against
> the pre-hashed lists that would be used to match up the shadow
> contents.

Rainbow tables don’t help against salted hashes.  Rainbow tables are for attacking *un*salted hashes, like NTLM used.

 https://crackstation.net/hashing-security.htm

When the hashes are properly salted, the only option is brute force.  All having /etc/shadow does for you is let you make billions of guesses per second instead of 5 guesses per minute, as you get with proper throttling on remote login avenues.