• Inductor@feddit.de
    link
    fedilink
    arrow-up
    15
    ·
    edit-2
    1 year ago

    Unfortunately, this chart is already out of date, the 2023 version looks like this: It is now the up to date chart.

    This uses 12 RTX 4090 GPUs and MD5.

    For the old chart you would need 40 billion guesses per second, and that is what the RTX 2080 was at five years ago. With a RTX 4090 you can guess 164 billion hashes per second.

    Using 8 AWS A100 GPUs at $32.77/h you can guess over 520 billion times a second and then the chart looks like this:

    All the charts and benchmark numbers are from here. There is way more on that page that I’m just going to leave out here, but I recommend you read through it.

    Of course this isn’t quite accurate, this assumes the hashing algorithm MD5 which is no longer recommended, because it’s so fast. It also ignores salting. But it assumes the worst case, a complete brute force with no dictionary/rainbow table, so I think it’s not a bad estimate.

    Edit: spelling

    Edit again: The comment I was referring to is gone, so I removed the refrence. The numbers are still correct though.

    • SitD@feddit.de
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      thanks for this, OP forgot to mention that it’s MD5 and i think that’s absolutely crucial

      • Inductor@feddit.de
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        Yes, this is what it looks like using bcrypt, and the same AWS GPUs:

        But they also mention that most low priority logins that people don’t care about like forums, restaurants, etc. still use MD5, and password reuse becomes a huge problem here.

      • Heringssalat@feddit.de
        link
        fedilink
        Deutsch
        arrow-up
        3
        ·
        1 year ago

        Keypasss hashing is a lot better than default MD5 though.
        They use SHA-256, salt and key derivation to increase security.

        But a better password and checking your settings is a never a bad idea.

      • tetha@feddit.de
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        The hashing algoritm is important though. I recently had to design some password hashing system and associated parameters. My work laptop can do a couple dozen million md5 attempts a second no problem. It’s like a factor of 100 - 1000 slower than this sheet. Not bad overall.

        However, using the right hashing algorithms with good tuning such as key derivation rounds and hashing rounds and such can slow that thing down to 2 or 3 attempts per second. Even if you had some system a million times faster than my CPU (at which point the NSA will make you offers and you should take them, or else), you won’t break those passwords given their hash. You wouldn’t even break them if they were simple random lower + upper case sequences of low length.

    • ChaoticNeutralCzech@feddit.de
      link
      fedilink
      arrow-up
      13
      ·
      1 year ago

      This assumes you can obtain the hashed & salted version of the password from the server, or it’s a local PDF/ZIP/etc file password. Still, you have 2FA to go through once you guess the plaintext password.

      • rauls4@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        So it becomes a concern when someone steals a bunch of passwords from a server?

        • ChaoticNeutralCzech@feddit.de
          link
          fedilink
          arrow-up
          6
          ·
          edit-2
          1 year ago

          No legitimate websites will store passwords as plaintext, instead their salted (mathematically modified) hashes. They do not have your plaintext password but there is a mechanism of checking your password attempt. If the hacker interrupts this mechanism, they can steal plaintext passwords every time they are used. However, most of the time they “just” gain access to the database and get the hashed & salted versions, and can often find out what the hash & salt algorithm is by reverse-engineering their own entries. Then, they obtain a list of top 1B+ common passwords (includes all 4-digit numbers, “password” and curse words in all languages, pretty much every English word imaginable, most given names in the world, every date from the last 100 years in various formats, correct horse battery staple and entries from previous breaches) and for every hash & salt they compute, they check if it matches any known hash & salt of any user they’re interested in (could be just a few or all) matches. This dictionary attack will match the weakest passwords, and any matches give the hacker confidence that their method is correct. After that, they either start extending the dictionary (combining words with other words, letters and numbers), or brute forcing every combination of numbers, letters and symbols (with some heuristics: most passwords use way fewer symbols than letters).

          So “password breaches” are concerning because the hacker gets any number of retries for anyone’s password if they have the time and computing power. Therefore, it is very advisable to change your password after such a breach is discovered. This takes anywhere between 1 day to a month so if your password cannot be cracked in that time, you should be reasonably safe.

          • rauls4@lemm.ee
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Very good explanation. I think this kind of clarification is important when we see charts like these.

    • AnUnusualRelic@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      edit-2
      1 year ago

      That’s not how it typically works. Accounts are usually obtained from a hash file (like what’s in your /etc/shadow or whatever the equivalent is in Windows).

      In there your typical password looks like a strong string of gibberish characters, but is actually the result of a one way function that processed the original password. When you enter you password, the function is applied to it and the result is compared to the stored one.

      To break a password, you have to run stuff through that function (which is slightly computationally expensive, although using GPUs now helps quite a bit) until you find whatever matches the stored string (because it’'s a one way function). Then you have the original password. This is known as a dictionary attack (because you basically have to run through the whole dictionary).

      And this concludes hacking 101 for today.

      • Serisar@feddit.de
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        No, a dictionary attack uses a specific collection of known passwords (usually from leaks/compromised websites etc.) and regular words. Then you apply common substitutions, like a 3 for an e or appending an !. This collection is then called a dictionary.

        What you described and is referred to in the infographic is called a brute force attack.

      • Tavarin@lemmy.ca
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Still need to know what the salt is, assuming the website is somewhat competent about password storage.

  • izzent@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    1 year ago

    Why is any amount of years in thousands not green? The matrix is skewed towards orange and red to make it seem riskier. This is a biased graph.

    Not to mention the computer specs needed to crack these passwords are not mentioned. A “hacker” still needs libraries of their own to crack anything, which might find the password or might not, and no method is instant.

    The ways to crack, at least with brute force, mean it’s iterative. You either start with the most common combinations of all numbers or all letters, and then move incrementally. Then start mixing. There are so many combinations that nothing is ever instant.

    • oushoyd@feddit.de
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      For everything longer than a couple of years, it becomes more relevant what future hardware can do, I think. Would be interesting to see such a table from 20 or 40 years ago.

    • ChaoticNeutralCzech@feddit.de
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      14 numbers [ = 1014 combinations]: 41 min [ = 2460 s]

      This works out to 40 billion guesses per second. Can you calculate 8 password hashes in one 5GHz clock cycle?! If the hash&salt algorithm is any good, rainbow tables will not work, either. You would need the undivided power of some serious botnet to get these times. Not to mention the service would need to be breached for hashes first.

      • Trofont@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Everytime I see this graph I focus on the fact that 1 second and 10 months are the same color, but 1 sec and “instant” are different colors.

        Like I guess if “instant” is a billionth of a second than it’s a greater difference of magnitudes. However, in reality a second feels like an instant.

    • ChaoticNeutralCzech@feddit.de
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Everyone knows you are only safe if the hacker needs to run a dozen high-end contemporary GPUs for more than the lifespan of a star to be secure. /s Anyway, you can expect the times to shrink significantly once Si-optical or quantum computers become available in a few decades, although the service will have been discontinued, upgraded to a more robust hashing technique or you will have changed your password by then.

    • bitsplease@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Agreed - frankly even 10 years should be green. Unless you’re talking about corporate/government security, no one is tying up a decade of GPU time to crack a single password, not to mention that even a relatively security lax person is likely to have changed their password some time in a decade

  • Quetzacoatl@feddit.de
    link
    fedilink
    arrow-up
    4
    ·
    edit-2
    1 year ago

    neat, what I take from this and the discussion below is that with a pw containing upper- and lowercase letters, numbers as well as symbols that 12 characters is just long enough.

    • MystikIncarnate@lemmy.ca
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      The objective for password cracking is to obtain the hash of the users password. Obviously, if the intruder can get the raw password, that’s better for them and doesn’t require cracking.

      If there hash can be obtained, then the objective becomes to match it. Since most passwords are stored in a one-way hash, you basically take a known value, run it though the hash, and compare the result with the hash. If they match, then the known value is the password (or at least one that has a hash overlap with the correct password (which is good enough).

      Brute forcing the password prompt generally doesn’t work because of lockouts on password attempts at the page, and you’re correct on that, so it’s not a valid way to attack the system for the password.