Date: Sun, 2 May 2021 23:38:55 +0200 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: source of information for John's charset files On Sun, May 02, 2021 at 11:21:34PM +0200, Solar Designer wrote: > Anyway, I just ran some tests the other way around - "cracking" RockYou > passwords. I didn't try excluding RockYou itself from the training sets > here - can't do that while including our current .chr files in the > comparison. So this is in-sample testing, which is generally a wrong > thing to do, but with that in mind here are the results for different > training sets (all are for incremental mode and 1 billion candidates): > > RockYou with dupes - 20.2% > RockYou unique - 21.9% > HIBPv7 cracked - 17.9% > > The percentages cracked are those of RockYou unique. > > Not surprisingly, RockYou is best fit for itself. HIBP is an acceptable > fit as well. It could have potentially performed better than RockYou > on this test due to its larger size, but as we can see that was not > enough to overcome it not being such a perfect fit as RockYou itself. FWIW, RockYou unique being best fit for itself persists after I shuffled it and split it into a 1M test set and 13.3M training set (no matching passwords in the sets, but both sets are parts of RockYou). Got 21.5%. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.