Re: T-Mobile
> Each combination is hashed and the hashes stored together with a note of the positions of the characters of that combination.
This certainly provides *more* information about the password than a single hash if it leaks. Might need some new clever rainbow table tricks or something, but anyway: do not attempt home-baked security based on ideas you gave about 20s of thought...