> ... SRP with a 4096 bit prime is getting close to the level of OpenBSD > Blowfish hashes ... Sorry for the multiple post, but I just wanted to remind folks that this attack assumes that your server has already been rooted and your password database stolen -- during normal SRP operation a password of "green" is much, much stronger than this.