Skip to main content

Hi there! I am a programmer and I'm very enthusiastic about OpenSource and OpenKnowledge.

twitter.com/koehr_in

github.com/nkoehring

alpha.app.net/koehr

koehr.in

Norman Köhring

the price to crack your password

6 min read

Nearly six years ago, I wrote about password complexity and showed how long it takes to crack passwords per length. You can find that article on github (in German).

So, times changed and I thought about a reiteration of that topic, but instead focussing on the amount of money you need to crack the password using Amazons biggest GPU computing instances p2.16xlarge, which – at the time of writing this - costs 14.4 USD per hour. I will also compare this with the much faster Sagitta Brutalis (nice name, eh?), a 18500 USD computer optimised for GPU calculation.

Disclaimer

The numbers on this article always assume brute-force attacks, that means the attacker uses a program that tries all possible combinations until it finds the password. The numbers indicate average time to compute all possible entries. If the program simply adds up, for example, from 000000 to 999999 and your password is 000001, it will be found much faster of course.

How long a single calculation needs also depends on the used hashing algorithm. I will compare some of the typically used algorithms. In case you have to implement a password security system, please use BCrypt which is in most cases the best choice but NEVER try to implement something on your own! It is never ever a good idea to create an own password hashing scheme, even if it is just assembled out of existing building blocks. Use the battle-tested standard solutions. They are peer-reviewed and the safest and most robust you can get.

Password complexity basics

Password complexity is calculated out of the possible number of combinations. So a 10-character password that only contains numbers is far less complex than a mix of letters and numbers of the same length. Usually an attacker has no idea if a specific password only contains numbers or letters, but a brute-force attack will try simpler combinations first.

To calculate the complexity of a password, find the amount of possible combinations first:

  • Numbers: 10
  • ASCII Lowercase letters: 26
  • ASCII Uppercase letters: 26
  • ASCII Punctuation: 33
  • Other ASCII Characters: 128
  • Unicode: millions

To get the complexity of your password, simply add up the numbers. A typical password contains numbers, lowercase and uppercase letters which results in 62 possible combinations per character. Add some punctuation to raise that number to 95.

Other ASCII Characters are the less typical ones like ÿ and Ø which add to the complexity but might be hard to type on foreign keyboards. Unicode is super hard (if not impossible) to type on some computers but would theoretically add millions of possible characters. Fancy some ਪੰਜਾਬੀ ਦੇ in your password?

A very important factor in the password complexity is of course also the length. And because random passwords with crazy combinations of numbers, letters and punctuation are hard to remember, some people suggest to use long combination of normal words instead.

The password ke1r$u@U is considered a very secure password as the time of writing this article. Its complexity calculates like this:

8 characters with 95 possibilites:

95^8 = 6634204312890625 = ~6.6×10^15

log2(x) calculates the complexity in bits:

log2(6634204312890625) = ~52.56 bits

Data sources

I didn't try the password cracking myself, and neither did I ask a friend (insert trollface here). Instead I used publicly available benchmark results:

The results

I will compare some widely used password hashing methods, programs and protocols for four different password complexity categories:

  • eight numeric digits (might be your birthday)
  • eight alphanumeric characters (eg 'pa55W0Rd')
  • eigth alphanumeric characters mixed with special character (eg 'pa$$W0Rd')
  • a long memorisable pass sentence ('correct horse battery staple')

eight numeric digits (might be your birthday)

hash Amazon Brutalis price to crack in less than a month
MD5 0.0s 0.0s $0.01 (1 EC2 instance)
Skype 0.0s 0.0s $0.01 (1 EC2 instance)
WPA2 1.27m 31.47s $0.30 (1 EC2 instance)
SHA256 0.01s 0.0s $0.01 (1 EC2 instance)
BCrypt 49.1m 15.77m $11.78 (1 EC2 instance)
AndroidPIN 4.65s 2.3s $0.02 (1 EC2 instance)
MyWallet 0.34s 0.25s $0.01 (1 EC2 instance)
BitcoinWallet 1.98h 46.26m $28.53 (1 EC2 instance)
LastPass 11.07s 5.4s $0.04 (1 EC2 instance)
TrueCrypt 9.06m 5.69m $2.18 (1 EC2 instance)
VeraCrypt 4d 2d $1120.45 (1 EC2 instance)

Conclusion: Don't do this. Never ever do this.

eight alphanumeric characters (eg 'pa55W0Rd')

hash Amazon Brutalis price to crack in less than a month
MD5 49.65m 18.17m $11.92 (1 EC2 instance)
Skype 1.3h 34.92m $18.67 (1 EC2 instance)
WPA2 6y 3y $499500 (27 Brutalis)
SHA256 4.94h 2.64h $71.15 (1 EC2 instance)
BCrypt 204y 66y $14.7M (797 Brutalis)
AndroidPIN 118d 59d $37000 (2 Brutalis)
MyWallet 9d 7d $3003.3 (1 EC2 instance)
BitcoinWallet 494y 193y $43.25M (2338 Brutalis)
LastPass 280d 137d $92,500 (5 Brutalis)
TrueCrypt 38y 24y $5.3M (288 Brutalis)
VeraCrypt 19381y 11629y $2.62B (141574 Brutalis)

eigth alphanumeric characters mixed with special character (eg 'pa$$W0Rd')

hash Amazon Brutalis price to crack in less than a month
MD5 2d 9.2h ~$362 (1 EC2 instance)
Skype 2d 17.7h ~$567 (1 EC2 instance)
WPA2 160y 67y ~$14.9M (806 Brutalis)
SHA256 7d 4d ~$2162 (1 EC2 instance)
BCrypt 6194y 1989y ~$448M (24,215 Brutalis)
AndroidPIN 10y 5y ~$1.09M (59 Brutalis)
MyWallet³ 265d 191d ~$129500 (7 Brutalis)
BitcoinWallet 14996y 5835y ~$1.3B (71,038 Brutalis)
LastPass 24y 12y ~$2.6M (139 Brutalis)
TrueCrypt² 1144y 718y ~$162M (8,742 Brutalis)
VeraCrypt¹ 588867y 353320y ~$79.6B (4,301,668 Brutalis)
  1. VeraCrypt PBKDF2-HMAC-Whirlpool + XTS 512bit (super duper paranoid settings)
  2. TrueCrypt PBKDF2-HMAC-Whirlpool + XTS 512bit
  3. Blockchain MyWallet: https://blockchain.info/wallet/

a long memorisable pass sentence ('correct horse battery staple')

Okay, this doesn't need a table. It takes millions of billions of years to even crack this in MD5.

As illustration: The solar system needs around 225 Million years to rotate around the core of the Milkyway. This is the so called galactic year. The sun exists since around 20 galactic years. To crack such a password, even when hashed in MD5 takes 3 trillion (million million) galactic years.

Of course nobody would ever attempt to do this. There are many possibilities to crack a password faster. Explaining some of them would easily fill another article, so I leave you here. Sorry.

Links

To find your way into the topic, you might visit some of the following links:

Norman Köhring

Blog's coming!

1 min read

Central part of this page should be my blog. But for now, all my articles are still waiting to be imported :(