Skip to main content

25-GPU server makes easy work of password cracking

posted onDecember 10, 2012
by l33tdawg

Ever wondered how secure the password to your Windows workstation is? Well, as it turns out, it's pretty insecure when put up against a 25-GPU server cluster running a combination of Linux and freely available password-cracking software suites. Said server, powered by 25 AMD Radeon graphics cards, manages to brute force Windows passwords at a rate of 350 billion guesses-per-second, making short work of eight-character passwords.

In around 5.5 hours the server cluster can try 6.6 quadrillion password combinations, enough to check every possible eight-character password including upper/lower-case letters, digits and symbols. Microsoft's NTLM cryptographic algorithm, which has been in use since Windows Server 2003, now seems remarkably weak and particularly insecure in some enterprise settings. With access to a hash of a workstation password, this machine will most likely be able to crack it in under a day.

Of course, this machine can only really guess passwords up to eight characters in a reasonable time, as adding just one extra character (to nine characters total) would require 500 hours to crack; 10 characters and you're looking at 5.4 years of cracking time. However, as many businesses stipulate eight characters as a minimum, there's a possibility that this machine will make (relatively-speaking) short work of it.

Source

Tags

Security Hardware

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th