
How fast could the NSA crack a BCrypt-hashed password?


It depends on whether your password is "kittenz" (one minute) or "A39cBiwe&4j2fqVz1uQ" (years and years).


No. It depends on the number of rounds.


It depends on what cost has been used.


It's in the article.


Not quite. From the article:

> A 2009 paper (PDF) by computer scientist Colin Percival estimated that it would cost a mere $4 to crack, in an average of one year, an 8-character bcrypt password composed only of letters.

Yet the linked paper by cpercival specifically states that an 8 _letter_ password would only take $4 per year to crack, but an 8 _character_ password would jump to $130k. Also, these numbers, as quoted from the paper, are referenced from 2002 dollars, including dollar costs of hardware from 2002, but do not include hardware other than the CPU, such as power supplies.
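Added example, not part of any comment above or of the linked paper: a sketch of how the two variables argued over in this thread (bcrypt cost and password alphabet) scale a cracking estimate. It assumes "letters" means 26 lowercase letters and "characters" means 95 printable ASCII characters, and that attack cost grows linearly with keyspace and doubles per bcrypt cost step; the function names and the sample hash are constructed for illustration.

```python
import re

# Modular crypt format: "$2b$" (or $2a$/$2x$/$2y$), two-digit cost,
# then 22 chars of salt and 31 chars of digest in bcrypt's base64 alphabet.
BCRYPT_RE = re.compile(r"^\$2[abxy]?\$(\d{2})\$[./A-Za-z0-9]{53}$")


def bcrypt_cost(hash_str):
    """Return the log2 work factor stored in a bcrypt hash string."""
    m = BCRYPT_RE.match(hash_str)
    if not m:
        raise ValueError("not a bcrypt hash")
    cost = int(m.group(1))
    if not 4 <= cost <= 31:  # range bcrypt accepts
        raise ValueError("cost out of range")
    return cost


def keyspace(alphabet_size, length):
    """Number of candidate passwords of exactly this length."""
    return alphabet_size ** length


def scale_estimate(base_dollars, base_space, new_space, cost_delta=0):
    """Scale a known estimate: linear in keyspace, x2 per added cost step."""
    return base_dollars * (new_space / base_space) * 2 ** cost_delta


# Constructed sample hash (placeholder salt/digest, not a real password hash).
SAMPLE_HASH = "$2b$12$" + "." * 22 + "A" * 31

# Assumed alphabets: 26 lowercase letters vs 95 printable ASCII characters.
LETTERS_8 = keyspace(26, 8)
CHARS_8 = keyspace(95, 8)

if __name__ == "__main__":
    print("cost in sample hash:", bcrypt_cost(SAMPLE_HASH))
    # Starting from the $4 figure quoted in the thread for 8 letters:
    print("8 chars, same cost: $%.0f" % scale_estimate(4, LETTERS_8, CHARS_8))
    print("8 chars, cost +2:   $%.0f" % scale_estimate(4, LETTERS_8, CHARS_8, 2))
```

Under those assumptions the keyspace ratio alone takes the $4 figure to roughly $127k, the same order as the $130k quoted from the paper, and each extra cost step doubles it again.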



