1980s: no progress on the defense side? "A Fast Version of the DES and a Password Encryption Algorithm" by Matt Bishop, 1987 Speeds up crypt(3) by a factor of 10 to 20 through the use of larger/combined lookup tables (up to 200 KB total) and other optimizations Morris worm (1988) uses its own semi-fast implementation of DES-based crypt(3) to crack passwords on local accounts 9 times faster on a VAX 6800 (45 passwords/second), needs only 6 KB Ultrix crypt16: poor attempt to overcome the 8-character limitation VMS introduces is own plethora of fancy password hashes