Federated Republic of Sean is a user on retro.social. You can follow them or interact with them if you have an account anywhere in the fediverse.

~=8 Character Passwords Are Dead=~

New benchmark from the Hashcat Team shows a 2080Ti GPU passing 100 Billion password guesses per second (NTLM hash).

This means that the entire keyspace, or every possible combination of:
- Upper
- Lower
- Number
- Symbol

...of an 8 character password can be guessed in:

~2.5 hours

(8x 2080Ti GPUs against NTLM Windows hash)

#Hacking #Infosec

Federated Republic of Sean @freakazoid

@tinker Leaked hashed passwords have been considered nearly equivalent to plaintext for quite a while now. 8 character passwords are dead for anything that could be subject to an offline attack, but for the most part anything that could be subject to an offline attack is broken anyway. 8 character passwords are still fine for anything that's not likely to be subjected to an offline attack.

· Web · 2 · 1