Using GPU to crack passwords

Recently, I read about a password cracking tool called ighashgpu. What is interesting about it is that it is using the GPU for bruteforcing, instead of CPU which is usually used.Apparently, nowadays, even a cheap video card is able to perform brute-force attacks much better that the normal CPU.

I done some googling around and search for the time needed to crack a password using brute-force, with both “CPU power”(cain & able) and “GPU power”(ighashgpu).(The tests where performed using a middle-range video card – ATI Radeon 5770)

No of characters

Password cracked

Required CPU Time Required GPU Time
5 fjR8n 24 sec <1 sec
6 pYDbL6 ~1h 30 min 4 sec
7 fh0GH5h ~ 4 days 17 min 30 sec
8 t6Hnf9fL ~256 days 18 h 30 min
9 kfU64FdB8 ~43 years 48 days

It is frighten, from my point of view, to see how much faster can you crack a password using the processing power provided by a cheap video card. And the fact that the this cracking tools are breaking new grounds, it’s even more frighten. And, considering the growing rate of the video cards performance, in the near future, passwords under 15 will start to become useless.

Is an IT manager really going to manage to get the CFO to log in using “fR4; $sYu 29 @QwmQz” without the combination ending up on a Post-it note in his wallet?







About Stefan Fodor

inscriptie pe un mormant
This entry was posted in IT Security, Week 23. Bookmark the permalink.

One Response to Using GPU to crack passwords

  1. Pingback: Using GPU to crack passwords | EAL IT technologist (2010 Autumn) | Supreme Hacking

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s