Why do we need complex passwords when it only length that matters?
Even with 232 120 000 H/s, fastest algorithm(MD5) with 10 fastest GPU card, Radeon R9 295X2, taking only lower cases and numbers you would still need so many years to brute a 20 letter pass.
36^20 = 13367494538843734067838845976576/
232 120 000(H/s)/
31 536 000(years) = 1 826 126 448 263 156 years.
Why do we need brute force when it only dictionary that matters?
My point was that you can create a long but simple to remember pass instead of a shorter but harder to remember one.
You can still find long passwords. If you use easy passwords they will be found really fast.
just to give you an idea of recently cracked passwords:
Code:
Happy Birthday dude!
claudia007claudia007
FuckTheFuckingFuckers
The wonderful wizard of oz
davidthisisnotmypassword
supersizefrenchfries
pediatricsanthropometry
superelephanttesting
passwordhellotesting
jjjjjjjjjjjjjjjjjjjjjj
administratorlegendworld
(06-07-2014, 10:25 PM)undeath Wrote: [ -> ]just to give you an idea of recently cracked passwords:
Really? You were able to find these long passwords? Impressive!
What technique did you use, if it's not a secret?
I'm probably asking for spoon-feeding here. :p
Since oclHashcat has abandoned the 16 char limit for passwords these kind of passwords are not a challenge any more. With proper dicts and attack mode you can find them easily. Mainly just dict + rules and combinator mode. However attacks like the fingerprint attack provide many neat ways to find long passwords, too.
tethys,
Try it and see for yourself... :-)
Im using the linkedin leaked hash against wordlist I've downloaded from "https://human0id.net/dicts/musicbrainz/". By using just a straight dictionary attack I'm able to crack password as long as 30 characters.
Code:
./hashcat-cli64.app -m 100 -a 0 --remove -o ../cracked.txt ../unmasked.lst ~/Downloads/human0id/MusicBrainz/MusicBrainz.dic
Code:
Jantje zag eens pruimen hangen
savethecheerleadersavetheworld
in the beginning was the word
givemelibertyorgivemedeath
eastofthesunwestofthemoon
yonoquierovolvermetanloco
deathshallhavenodominion
bigtroubleinlittlechina
elvishasleftthebuilding
StrangerInAStrangeLand
harekrishnaharekrishna
xenathewarriorprincess
jesuschryslersupercar
à la claire fontaine
foreverblowingbubbles
fromthebottomtothetop
networknetworknetwork
thinkingofamasterplan
ÐриÑтократ
the audacity of hope
andatetuttiaffanculo
grassisalwaysgreener
internationalnetwork
iveseenallgoodpeople
opeengrotepaddestoel
somethingthatmatters
theendofthemillenium
Best regards,
Azren
Thank you, Azren and Undeath. Interesting indeed, Ill give it a try.