Password Recovery Speeds - gHacks Tech News

Password Recovery Speeds

Now this is an interesting analysis of password recovery speeds. It compares the password length and the characters used to the time different computers need to brute force the password, ranging from Class A (speed of a Pentium 100) to Class F (supercomputers, large scale distribution) computers and networks of computer systems.

They take a look at passwords that consist of only numbers, only letters, a combination of numbers and letters, and finally letters, numbers and common symbols. For example a six digit password could be cracked by a Class A computer in about 9 hours while a Class F one would reveal the password in the same instance you started the process. Take a look and calculate how long it would take for someone to brute force your passwords.

It's of course a different story if something prevents the brute force process to run at full speed or continue, for example online banking accounts disable the account after three failed login attempts. It is however best to assume that the attacker has gotten hold of the password database somehow, to run the attacks continuously to see how long someone would need to wait before the password would be revealed by the program.

Update: It needs to be noted that the processing power has increased significantly in recent years, which means that the numbers displayed on the page are too conservative in nature. One example: The original chart stated that it would take an average PC back then more than six days to recover a password made up of mixed upper and lower case letters. An average PC in 2012 would only need four days for the same task (see How secure is your password for the full chart).

It can generally be said that recovery speeds improve with every generation of new cpus or workstations. I suggest you check out Mike's article on the topic which offers additional information, an updated chart, and interesting user comments and suggestions.

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:

Comments

There are no comments on this post yet, be the first one to share your thoughts!

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.