Members
  • Total Members: 12816
  • Latest: t114563
Stats
  • Total Posts: 28525
  • Total Topics: 8240
  • Online Today: 833
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: "HashCat" can now crack passwords even with 55 characters (download & test)  (Read 1905 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Passwords with dozens of characters are supposed to be a natural defense against hackers, because they're that much harder to crack compared to short passwords. But not anymore.

As Ars Technica reports, the speedy password-cracking software ocl-Hashcat-plus can now crack passwords with around 55 characters, an increase from 15-character support in the previous version: https://hashcat.net/forum/thread-2543.html
Jens Steube, Hashcat's lead developer, said in the software's release notes that support for longer passwords was “by far one of the most requested features.”

Because some web services are more lax about security than others, and because no site is ever completely hack-proof, you can't really expect passwords to stay secure forever. Still, most reputable sites will “hash and salt” users' passwords, essentially using cryptography and adding other unique information to each individual password: http://scientopia.org/blogs/goodmath/2013/03/02/passwords-hashing-and-salt/
This makes it harder for hackers to discover the actual passwords after stealing them, but with the help of cracking software, hackers can still make lots of rapid fire guesses to eventually figure out people's hashed passwords. (Hashcat, for instance, can make 8 billion guesses per second.)

With cracking software, weak passwords are the first ones to go, because they're easily guessed by the software's algorithms. A strong password amounts to a last line of defense, and long passwords had proven particularly tough to guess.

But as Hashcat proves, it's not as difficult to figure out lengthy passwords as it used to be. To crack longer passwords, crackers are adding bible passages, book quotes and even online discussions to their dictionaries, increasing the odds of finding passwords based on common phrases.

Protect yourself!

Fortunately, it's relatively easy to minimize the potential damage wrought by password crackers like Hashcat. The tool shatters encryption with (relative) ease, but your hashed passwords need to be leaked from a compromised website before would-be hackers can get to crackin'.

So consider this your routine reminder not to use the same password on every site, no matter how long or complicated it is. PCWorld's Alex Wawro has a stellar guide on creating sturdy, crack-resistant passwords with minimal hassle, or you can use password management programs like KeePass or LastPass. Beyond mere passwords, set up two-factor authentication on your most sensitive accounts. And for goodness sakes, don't be one of those people who uses “password” or “123456”: http://scforum.info/index.php/topic,8695.0.html

(PCW)

Samker's Computer Forum - SCforum.info





devnullius

  • SCF VIP Member
  • *****
  • Posts: 3507
  • KARMA: 152
  • Gender: Female
    • SCForum.info
Sigh - they don't even need a quantum computer anymore :(

What should I do with my bitcoin wallet for example? Put it into me ars? Devvie does not approve to that  :down:

Any ideas on what kind of hardware is needed? GPUs? Because the fast ones have sold out at least a year ago - Litecoin mining!

Still - no good. What makes this program so smart??

War!

devnullius
More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

devnullius

  • SCF VIP Member
  • *****
  • Posts: 3507
  • KARMA: 152
  • Gender: Female
    • SCForum.info
Quote
oclHashcat   v1.01   2014.01.01
GPU Driver and SDK Requirements:
NV users require ForceWare 319.37 or later
AMD users require Catalyst 13.4 or later

Features

Worlds fastest password cracker

Worlds first and only GPGPU based rule engine

Free

Multi-GPU (up to 128 gpus)
Multi-Hash (up to 15 million hashes)
Multi-OS (Linux & Windows native binaries)
Multi-Platform (OpenCL & CUDA support)
Multi-Algo (see below)
Low resource utilization, you can still watch movies or play games while cracking
Focuses highly iterated modern hashes
Focuses dictionary based attacks
Supports distributed cracking
Supports pause / resume while cracking
Supports sessions
Supports restore
Supports reading words from file
Supports reading words from stdin
Supports hex-salt
Supports hex-charset
Built-in benchmarking system
Integrated thermal watchdog
80+ Algorithms implemented with performance in mind

... and much more
More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

jheysen

  • SCF Global Moderator
  • *****
  • Posts: 754
  • KARMA: 100
  • Gender: Male
There you go... :p

devnullius

  • SCF VIP Member
  • *****
  • Posts: 3507
  • KARMA: 152
  • Gender: Female
    • SCForum.info
There you go... :p

:) Thank you, JHeysen. Adequate as always ;pp

:) devvie
More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

devnullius

  • SCF VIP Member
  • *****
  • Posts: 3507
  • KARMA: 152
  • Gender: Female
    • SCForum.info
Quote
Low resource utilization, you can still watch movies or play games while cracking

Yeah man, my PC only can handle 128 GPUs at a time - big bummer when watching me MPEG movies from 1999. So really glad they thought about this!  ;p

D

More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

jheysen

  • SCF Global Moderator
  • *****
  • Posts: 754
  • KARMA: 100
  • Gender: Male
Perhaps it lets you config the target processors? :p
With AMD Platforms, you can run OpenCL on the CPU too for added lulz! (and if you have an A-series APU, well, you've got a Quad-core CPU AND a decent GPU to run the algorithm.. ).
I do think that the 128 GPU limits is a bit too much... they just prepared for leaps in technology I think... unless they actually refer to GPU Shader Units... then it's a completely different story..

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising