Other people have discussed the security aspect, I want to point out something different: the illusion of randomness
When I have to search for something by brute forcee, as you are suggesting here, I feel the same urge to randomize my guesses. But, unlike horseshoes and nuclear war, a miss is as good as a mile. It doesn't matter is you have one position wrong or 16. For each character position in the password, there is one correct character and 60, 70, 80 wrong ones. None of the wrong characters are closer in any sense. The enemy will not be intimidated into surrendering by your scatter-bombing.
If you run many tests of trying to reverse-engineer a password, both scatter-bombing and boring iteration will, on average, require N/2 guesses, where N is the total number of potential possibilities. Sometimes you get it right the first time, sometimes you have to spend all 1,500,000,000,000 years. In non-average cases, scatter bombing doesn't help, either. There is an equal probablity that the password you want to decode is aaaaaaaaaaaaaaab or deadbeefcakebabe. The iterator will get the first one on the second guess; the scatter bomb may not get there for a few million years.
deadbeefcakebabe might not be a good selection for a password, by the way.
--
TTTATCGGTCGTTATATAGATGTTTGCA
In reply to Re: Password cracking algorithm
by TomDLux
in thread Password cracking algorithm
by SyN/AcK
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |