[wp-hackers] Implications of failure to change 'unique' keys and salts

Gavin Pearce Gavin.Pearce at 3seven9.com
Fri Oct 26 15:34:57 UTC 2012

> According to the site you linked to you can brute force login if you
try continuously for a week. So not exactly "at will".

Just to clarify on that specific point: The '1 week' figure was based on
30 requests a second. Would be relatively trivial for someone with a
little more computing `bandwidth` to increase this figure to a more
substantial rate. 


More information about the wp-hackers mailing list