Sep 15 2019, 09:46 PM, updated 7y ago
QUOTE
Here is an estimate of the time required for an exhaustive password search attack, when the password is a random sequence of lowercase Latin letters.
The most complex task for password search attack is SHA-256 calculation. Special SHA-256 hardware or GPU can be used to accelerate password search attack. Now modern GPU can provide about 10 times more performance for SHA-256 calculation than modern CPU. And special SHA-256 hardware can provide about 20 times more performance than GPU.
We suppose that one user with a budget of about $2000 (for GPUs) can check 10000 passwords per second and an organization with a budget of about 10^9 USD (one thousand million US dollars) can check 3 * 10^12 passwords per second. We also suppose that the processor in use doubles its performance every two years; so, each additional Latin letter of a long password adds about 9 years to an exhaustive key search attack.
The result is this estimate of the time to succeed in an attack:
The most complex task for password search attack is SHA-256 calculation. Special SHA-256 hardware or GPU can be used to accelerate password search attack. Now modern GPU can provide about 10 times more performance for SHA-256 calculation than modern CPU. And special SHA-256 hardware can provide about 20 times more performance than GPU.
We suppose that one user with a budget of about $2000 (for GPUs) can check 10000 passwords per second and an organization with a budget of about 10^9 USD (one thousand million US dollars) can check 3 * 10^12 passwords per second. We also suppose that the processor in use doubles its performance every two years; so, each additional Latin letter of a long password adds about 9 years to an exhaustive key search attack.
The result is this estimate of the time to succeed in an attack:
I don't know if a password full of numerical digit is easy to hack?
This post has been edited by Mussel: Sep 15 2019, 09:49 PM
Quote
0.0134sec
1.31
6 queries
GZIP Disabled