This means that it doesn't matter how many times you hash the password, if the users password is one of the 10,000 common passwords the brute for hack would still find the password anyway.

You are also assuming that the database is left unsecured to allow the hacker to get access to the data to obtain the users salt value.

Web Wiz Forums also uses CAPTCHA after 3 unsuccessful logins for an account to prevent brute force hacking, so the only way this brute force hack can be done is if the hacker has full access to the data in the database to run directly against the database and not through Web Wiz Forums.

The hashing of passwords in the Web Wiz Forums database is only used to ensure that in most circumstances if someone gets hold of the database they can not see the users passwords.

If a hacker with time on their hands gets hold of your database then you are screwed anyway, no matter how many times you hash passwords, which means the important thing is make sure your database is secure.

I think you might of slightly misunderstood me though, assume that a database is compromised, along with the hashing algorithm, and along with all your user records.  Pretty much everything, which is something that should probably be assumed when an attack has taken place.

I think it's quite important to still protect peoples user names and password even in this circumstance, as quite often people use common user names/passwords across multiple web accounts, say for example Paypal, or a poker site.

So if someone gained access to you database, either because they failed to set it up properly on the website, or because a rogue web host decided to copy it over, or the webmaster made an error at some point, or for any other reason, you have a breach which could potentially be damaging to users on other websites, without the users knowledge of the source of the compromise.

Now assume the minimum password requirement was 5 chars, allowing any alphanumeric chars.  The minimum search space is:

35^5 = ~52,000,000 possible passwords

and lets say we want to crack all passwords < 8 chars:

35^7 = 64,000,000,000 possible passwords

Now if I write a script to iterate through every combination of password, 64 billion of them, at a rate of 1 billion per second (conservative rate), it would take a maximum of 60 seconds for me to uncover a single users password.  So a database with 5,000 users, I can brute force all their passwords within worst case 4 days, as long as all their passwords are <8 chars.  I can then try logging in with their details across lots of different sites to see if I can gain access.

If the password is stored rehashed, say 2,000 times, a brute force attack on a single users password would take worst case 34 hours to crack a single users password,  it would then take worst case 20 years to crack everyone's passwords.  It would render such an attack pretty difficult and unachievable/unworthwhile for most hackers.  They could cherry pick users and spend 30 hours brute forcing the password but the majority of users will be safe.

This way, if I operated a site and the database was exposed at some point, I would still alert users they should change their passwords, but I wouldn't send out a message saying it's VERY important they change their passwords as they are easily brute forceable.

I'm acutely aware I haven't been on these forums for a long time, so I hope you aren't taking this as negative criticism, I'm fully aware that you are very security concious and have written WWF excellently, this is just a suggestion to improve security if ever a database was compromised, which I think is more likely to happen on freely distributed software.

I ran some tests on a new Intel Xeon Quad Core Server to hash the password 2000 times and found that it timed out after 90 seconds, even changing it to hash 100 times took 20 seconds and topped out CPU Cores.

This means that on the registration page where hashing takes place twice it would take 40 seconds to hash the password 100 times during registration which time the whole server would slow down due to high CPU utilisation. This means that both the person registering would get annoyed having to wait 40 seconds and the server admin would not be happy with the CPU resources used.

With it taking 20 seconds to hash 100 passwords it works out at 5 per second rather than your estimate of 1 billion per second, which means that it would take around 416 years just to crack one password at 8 characters long.

With version 10 there is also the option of the admin enabling complex passwords where the minimum length can be set along with them being case sensitive and alphanumerical, which would make passwords harder to crack.

In 10 years there have been no issues of passwords being cracked and if you left your database compromised there is allot more data in there such as email addresses, names, etc. that would be more valuable and economic to use rather than trying to crack the passwords.