GoFuckYourself.com - Adult Webmaster Forum - View Single Post

czarina · 01-16-2012, 02:18 PM

I recently installed Strongbox/Throttlebox in my main sites, and today talking to their techs, they sent me this info. I thought it was very cute (and enlightening), so read on:

Typical usernames and passwords are normally 9 characters long. That means there are this many possible user names: 84,590,643,846,578,176
There are also this many possible passwords: 84,590,643,846,578,176

To successfully hack the site by brute force, the hacker has to guess a valid combination of username and password. To get the number of possible combinations he would have to try, we multiply the number of usernames he has to try by the number of passwords for each one:

7,155,577,026,378,634,231,908,944,079,486,976
pairs he has to try

At the maximum possible rate of guessing that Strongbox would allow even for a hacker using a BILLION proxies, how long would it take for them to get just one correct username/password combination? Here's how long it would take, on
average:
41,409,589,273,024,503,656,880,463 days

How long is 41,409,589,273,024,503,656,880,463
days? It's 113,450,929,515,135,626,457,207 years.

The dinosaurs roamed the earth only 65,000,000 years ago. So if tyrannosaurus rex started an attack on your site, which is protected by Strongbox, 65,000,000 years later he still would not have guessed a working user/pass.

To be more precise, there is a
99.99999999999999999% chance that he would not have gotten in after 65 million years.

Let's look at it another way:

Since dinosaurs:
65,000,000 years

Age of the earth:
4,500,000,000 years

Age of the universe:
13,700,000,000 years

Brute force Strongbox:
113,450,929,515,135,626,457,207 years

So if God had started trying to brute force your site at the same time that he created the universe, His progress bar on his brute force software still wouldn't have hit 1%.

You bought Strongbox to protect you from brute force.
It's doing that, very well. Relax and let it do its job. Strongbox may be notifying you that it is blocking a lot of IP addresses. As the emails say, those IPs are blocked. Unless the attacker lives much longer than the universe, Strongbox will keep blocking every one he tries.

YEP, I recommend Strongbox!

01-16-2012, 02:18 PM
czarina Webmaster Extraordinaire Industry Role: Join Date: Jul 2002 Location: A beautiful beach... Posts: 10,745	Big LOL! Info sent to me by Strongbox I recently installed Strongbox/Throttlebox in my main sites, and today talking to their techs, they sent me this info. I thought it was very cute (and enlightening), so read on: Typical usernames and passwords are normally 9 characters long. That means there are this many possible user names: 84,590,643,846,578,176 There are also this many possible passwords: 84,590,643,846,578,176 To successfully hack the site by brute force, the hacker has to guess a valid combination of username and password. To get the number of possible combinations he would have to try, we multiply the number of usernames he has to try by the number of passwords for each one: 7,155,577,026,378,634,231,908,944,079,486,976 pairs he has to try At the maximum possible rate of guessing that Strongbox would allow even for a hacker using a BILLION proxies, how long would it take for them to get just one correct username/password combination? Here's how long it would take, on average: 41,409,589,273,024,503,656,880,463 days How long is 41,409,589,273,024,503,656,880,463 days? It's 113,450,929,515,135,626,457,207 years. The dinosaurs roamed the earth only 65,000,000 years ago. So if tyrannosaurus rex started an attack on your site, which is protected by Strongbox, 65,000,000 years later he still would not have guessed a working user/pass. To be more precise, there is a 99.99999999999999999% chance that he would not have gotten in after 65 million years. Let's look at it another way: Since dinosaurs: 65,000,000 years Age of the earth: 4,500,000,000 years Age of the universe: 13,700,000,000 years Brute force Strongbox: 113,450,929,515,135,626,457,207 years So if God had started trying to brute force your site at the same time that he created the universe, His progress bar on his brute force software still wouldn't have hit 1%. You bought Strongbox to protect you from brute force. It's doing that, very well. Relax and let it do its job. Strongbox may be notifying you that it is blocking a lot of IP addresses. As the emails say, those IPs are blocked. Unless the attacker lives much longer than the universe, Strongbox will keep blocking every one he tries. YEP, I recommend Strongbox!