It’s a great time to do a health check on your password security practices. It’s interesting to point out that eight of his Nvidia RTX 4090 cards can crack the most common password lengths in less than an hour, but the cost of cracking passwords plummets with each new generation. It is more important to note that
Twitter user Chick3nman tried again and showed that: He recently tested his current Best Graphics card and found that a single his RTX 4090 gives his performance on the Hashcat benchmark about 8x higher than the score he achieved with his GTX 1080 with 8 I discovered that That’s also nearly double the speed of his RTX 3090 in Nvidia’s previous generation.
First @hashcat benchmark on the new @nvidia RTX 4090! It shows a very high gain of more than 2x over the 3090 for almost all algorithms. Easy to set records: 300GH/s NTLM and 200kh/s bcrypt w/ OC! Thanks Blazer for running. Full benchmark here: https://t.co/Bftucib7P9 pic.twitter.com/KHV5yCUkV4October 14, 2022
Hashcat is special software used to test the cryptographic performance of graphics cards. This means both encryption and decryption. Graphics cards are also highly parallel engines, making them particularly well suited for cryptographic roles where performance is measured in hashes per second. After all, this is where the GPU mining crisis originated that lasted most of the life of his 30-series: explosive performance-per-watt gains (boosted by Ethereum pricing).
Of course, the graphics card can also find the correct password by trying all possible combinations. This is known as a brute force attack.there is 96^8 possibilities for an 8 character password, and that’s what the graphics card tries to break. It is an unimaginable number of 16 digits. But they ace it. After all, 8 of the new cards can crack his 8-digit password in 48 minutes. The cost is not negligible, but again, it’s lower than you might have imagined.
Computing performance is improving at a much faster rate than pure graphics rendering. At 4K, the most demanding resolution readily available, the RTX 2080 Ti is around 26% faster than the GTX 1080 Ti. The generation jump makes the RTX 3090 33% faster than the RTX 2080 Ti, and the RTX 4090 gets even better with a 33% improvement in generational performance.
This is (partly) because Nvidia isn’t just a games company, it’s a graphics processing unit company. Over generations, Nvidia has increasingly tuned their graphics cards for data center workloads, developing and adding hardware solutions (such as Tensor Cores) to speed them up. Data center hardware achieves a much higher ASP (average selling price) than consumer products such as gaming graphics cards, resulting in a higher ratio of computing performance to graphics rendering in the same timeframe No wonder I grew up in This is how graphics performance has improved across Nvidia’s top GPUs, generation after generation.
| Improved graphics performance | |
| RTX4090 | +39% |
| RTX3090 | +33% |
| RTX 2080 Ti | +26% |
| GTX 1080 Ti | Base line |
In the meantime, the Hashcat performance of the RTX 4090 is 800% higher than the GTX 1080. Sure, the tested RTX 4090 was overclocked, but it doesn’t produce a whole lot of extra performance without compromising power efficiency.
This improvement in cryptographic computation performance allows The amount of money a hacker would have to spend to crack a password. Don’t forget that hackers also have to invest in graphics cards (they’ve just gone up in price across generations). The person also has to manage the cost of electricity and working hours to crack her 8-character password (by the way, as of 2017, the most common password length in the world is just was his eight characters) (opens in new tab)). The lower the cost of hacking, the more attractive it is to hack a particular password. And the RTX 4090 costs half that, despite a $1,599 suggested retail price.
Interestingly, Nvidia is safely leading the Hashcat performance race. The RTX 4090 is almost twice as fast as his RTX 3090 across workloads, but three times faster than AMD’s RX 6900 XT. Of course, things could change with AMD’s RDNA3-based cards (we’ll know more before his November 3rd). However, Nvidia currently enjoys a sizeable lead here.
Note that online passwords, or passwords protected by two-factor authentication, are not covered here. These usually have mechanisms to prevent brute force attacks from working. This kind of attack is primarily aimed at offline password cracking, and in certain scenarios even millions of these attempts are attempted. However, certain scenarios, such as data breaches, can expose passwords. It can be displayed directly, or as plain text, or as an encoded hash. These encoded hashes (garbled characters resulting from the encryption process) are the encrypted data that the GPU must reverse engineer against the actual password.
Passwords are one of the necessary evils of the tech world, standing between hackers and the digital piece that stands on the other side of the input window. But as time goes on and the cost of cracking privacy-preserving passwords plummets, it’s probably wise to keep up with the times and adapt your security measures accordingly. Instead, simply increasing the password length is a good way to start: a string passphrase of words like “yourpasswordreallyshouldn’tbedecrypted” and some special characters, and/or one of the best password managers. Using one might be the answer. .
