Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: No need for complex password
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Why do we need complex passwords when it only length that matters?

Even with 232 120 000 H/s, fastest algorithm(MD5) with 10 fastest GPU card, Radeon R9 295X2, taking only lower cases and numbers you would still need so many years to brute a 20 letter pass.

36^20 = 13367494538843734067838845976576/
232 120 000(H/s)/
31 536 000(years) = 1 826 126 448 263 156 years.
Why do we need brute force when it only dictionary that matters?
My point was that you can create a long but simple to remember pass instead of a shorter but harder to remember one.
You can still find long passwords. If you use easy passwords they will be found really fast.
just to give you an idea of recently cracked passwords:
Code:
Happy Birthday dude!
claudia007claudia007
FuckTheFuckingFuckers
The wonderful wizard of oz
davidthisisnotmypassword
supersizefrenchfries
pediatricsanthropometry
superelephanttesting
passwordhellotesting
jjjjjjjjjjjjjjjjjjjjjj
administratorlegendworld
(06-07-2014, 10:25 PM)undeath Wrote: [ -> ]just to give you an idea of recently cracked passwords:

Really? You were able to find these long passwords? Impressive!

What technique did you use, if it's not a secret? Smile

I'm probably asking for spoon-feeding here. :p
Since oclHashcat has abandoned the 16 char limit for passwords these kind of passwords are not a challenge any more. With proper dicts and attack mode you can find them easily. Mainly just dict + rules and combinator mode. However attacks like the fingerprint attack provide many neat ways to find long passwords, too.
tethys,

Try it and see for yourself... :-)

Im using the linkedin leaked hash against wordlist I've downloaded from "https://human0id.net/dicts/musicbrainz/". By using just a straight dictionary attack I'm able to crack password as long as 30 characters.

Code:
./hashcat-cli64.app -m 100 -a 0 --remove -o ../cracked.txt ../unmasked.lst ~/Downloads/human0id/MusicBrainz/MusicBrainz.dic

Code:
Jantje zag eens pruimen hangen
savethecheerleadersavetheworld
in the beginning was the word
givemelibertyorgivemedeath
eastofthesunwestofthemoon
yonoquierovolvermetanloco
deathshallhavenodominion
bigtroubleinlittlechina
elvishasleftthebuilding
StrangerInAStrangeLand
harekrishnaharekrishna
xenathewarriorprincess
jesuschryslersupercar
à la claire fontaine
foreverblowingbubbles
fromthebottomtothetop
networknetworknetwork
thinkingofamasterplan
Аристократ
the audacity of hope
andatetuttiaffanculo
grassisalwaysgreener
internationalnetwork
iveseenallgoodpeople
opeengrotepaddestoel
somethingthatmatters
theendofthemillenium

Best regards,
Azren
Thank you, Azren and Undeath. Interesting indeed, Ill give it a try.