Turns out there are plenty (according to Ars Technica) of password “recovery” tools out there. They use graphics cards to do the work. A good example is that with two graphics card, it takes 56 seconds to crack a random 8 character password! Wow, makes you really think about how passwords are being used particulary given everything that is stuffed in the cloud. Hashcat is an example is a good example of an open source tool. It knows a bunch of password algorithms (from Windows to SQL Server) so you just run it against a hash and then see what the password is. The thing is completely offline so it is pretty amazing.

overview — bruteforcing an 8 character password consisting of a-z, 0-9 (2,821,109,907,456 possible combinations) estimated time to run thru the entire keyspace was 10 minutes. the actual time it took to find the password was 56 seconds (see below). 

I’m Rich & Co.

Welcome to Tongfamily, our cozy corner of the internet dedicated to all things technology and interesting. Here, we invite you to join us on a journey of tips, tricks, and traps. Let’s get geeky!

Let’s connect