mersenneforum.org  

Go Back   mersenneforum.org > Great Internet Mersenne Prime Search > Hardware > GPU Computing

Reply
 
Thread Tools
Old 2012-12-21, 15:53   #1
swl551
 
swl551's Avatar
 
Aug 2012
New Hampshire

32816 Posts
Default 25-GPU cluster cracks every standard Windows password in <6 hours

Now here is some serious GPU power....

http://arstechnica.com/security/2012...rd-in-6-hours/
swl551 is offline   Reply With Quote
Old 2012-12-21, 21:10   #2
NBtarheel_33
 
NBtarheel_33's Avatar
 
"Nathan"
Jul 2008
Maryland, USA

5·223 Posts
Default The end of the password age

We're pretty much getting to the point where passwords in the traditional sense are uselessly insecure. No one wants to have to remember some obscure string of symbols that is 13, or 20, or one day, 50+ characters long (my father was *extremely* disturbed when his company required the addition of numbers and a single symbol such as ! or @ to the password). Seems like the real focus ought to be on biometrics: eye scans, fingerprints, facial recognition, etc.
NBtarheel_33 is offline   Reply With Quote
Old 2012-12-21, 21:11   #3
chappy
 
chappy's Avatar
 
"Jeff"
Feb 2012
St. Louis, Missouri, USA

13×89 Posts
Default

http://xkcd.com/936/

https://www.grc.com/haystack.htm

Last fiddled with by chappy on 2012-12-21 at 21:13
chappy is offline   Reply With Quote
Old 2012-12-22, 01:00   #4
c10ck3r
 
c10ck3r's Avatar
 
Aug 2010
Kansas

547 Posts
Default

That's every "8 digit" password. Couple problems:
1. My smallest password for anything I am required to keep secure is 11 digits. (Maximum 47) :)
2. You'd need a way to try the passwords on the machine itself (correct me if I'm wrong)
3. So many "useable" passwords lock up after 3 unsuccessful attempts.
Much easier to steal saved passwords from Firefox :)
c10ck3r is offline   Reply With Quote
Old 2012-12-22, 01:32   #5
swl551
 
swl551's Avatar
 
Aug 2012
New Hampshire

32816 Posts
Default

This cracking is based on having the hash of the password. It is not based on attacking a real-time authentication system which would (or should) lock out an account after N number of failed attempts.

A good example of this would be having an encrypted hard drive (with something like TrueCrypt) in your physical possesion, copying the first encrypted tracks into memory, and attacking it until the password was guessed and the drive compromised. [yes I know this particular article is about windows passwords, but the concept is the same]

It is interesting that one method of countering this type of attack is using "slow hashing" algorithms where the math/process to compute the hash (not a rainbow attack) has signifiicant overhead. NTLM being a fast hash, vs PBKDF2 http://en.wikipedia.org/wiki/PBKDF2 or scrypt http://en.wikipedia.org/wiki/Scrypt which are designed to to be slow.

Last fiddled with by swl551 on 2012-12-22 at 01:54
swl551 is offline   Reply With Quote
Reply

Thread Tools


Similar Threads
Thread Thread Starter Forum Replies Last Post
Prime95 - hours per day question Przem Information & Answers 3 2015-10-06 15:16
Factoring 110 digits in 38 hours ! mohamed Msieve 10 2013-09-08 06:28
Fujitsu cracks 278-digit crypto firejuggler Science & Technology 8 2012-06-20 20:03
non-standard sieve req Math 4 2011-12-06 04:17
No progress indication for the last 12 hours. Kimmy Hardware 4 2004-12-29 01:48

All times are UTC. The time now is 08:29.


Sun May 22 08:29:02 UTC 2022 up 38 days, 6:30, 0 users, load averages: 1.19, 1.16, 1.06

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.

This forum has received and complied with 0 (zero) government requests for information.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation.
A copy of the license is included in the FAQ.

≠ ± ∓ ÷ × · − √ ‰ ⊗ ⊕ ⊖ ⊘ ⊙ ≤ ≥ ≦ ≧ ≨ ≩ ≺ ≻ ≼ ≽ ⊏ ⊐ ⊑ ⊒ ² ³ °
∠ ∟ ° ≅ ~ ‖ ⟂ ⫛
≡ ≜ ≈ ∝ ∞ ≪ ≫ ⌊⌋ ⌈⌉ ∘ ∏ ∐ ∑ ∧ ∨ ∩ ∪ ⨀ ⊕ ⊗ 𝖕 𝖖 𝖗 ⊲ ⊳
∅ ∖ ∁ ↦ ↣ ∩ ∪ ⊆ ⊂ ⊄ ⊊ ⊇ ⊃ ⊅ ⊋ ⊖ ∈ ∉ ∋ ∌ ℕ ℤ ℚ ℝ ℂ ℵ ℶ ℷ ℸ 𝓟
¬ ∨ ∧ ⊕ → ← ⇒ ⇐ ⇔ ∀ ∃ ∄ ∴ ∵ ⊤ ⊥ ⊢ ⊨ ⫤ ⊣ … ⋯ ⋮ ⋰ ⋱
∫ ∬ ∭ ∮ ∯ ∰ ∇ ∆ δ ∂ ℱ ℒ ℓ
𝛢𝛼 𝛣𝛽 𝛤𝛾 𝛥𝛿 𝛦𝜀𝜖 𝛧𝜁 𝛨𝜂 𝛩𝜃𝜗 𝛪𝜄 𝛫𝜅 𝛬𝜆 𝛭𝜇 𝛮𝜈 𝛯𝜉 𝛰𝜊 𝛱𝜋 𝛲𝜌 𝛴𝜎𝜍 𝛵𝜏 𝛶𝜐 𝛷𝜙𝜑 𝛸𝜒 𝛹𝜓 𝛺𝜔