| ▲ | adrian_b 11 hours ago | |
The point is that you know that the password is not longer than N. This indeed reduces the search domain by many orders of magnitude, i.e. by more than an order of magnitude for each character that you now know that it is not used by the password. Knowing the length of the password does not matter only in antediluvian systems, which had severe restrictions on the length of a password, so you already knew that the password is no longer than, e.g., 8 characters. | ||
| ▲ | gzread 11 hours ago | parent [-] | |
Bruteforce search in increasing length order will find the password in within 1% of the same amount of time | ||