Re: Human versus machine input
If the computer can brute-force test a dictionary against human passwords at it's own ever-growing speed, then the computer will win.
This exploit is facilitated through the blindness of 'security' people!
Two pieces of information:
Which is the 'password' and which is the username?
When you think about it, both are really interchangeable, only convention dictates we encrypt one and not the other...
The point is with a dictionary attack, the first may be readily discovered, the second, at 15 characters will take a little time.... A little thought into the way we store credentials and the linkage between them can make attacks much more expensive.