GPUs: Good for Gaming AND Cracking Passwords

21

Comments

+ Add a Comment
avatar

Morete

How about if you take her to the Biltmore Fashion Park and you can both go visit the Apple Store, lol.  Just kidding. 

avatar

Keith E. Whisman

Hey look at that, Coach purse for only $35 bucks... My wife would kill for a Coach purse. I can't take her to Scottsdale Fashion Square because of the Coach store there. She wants to spend all her time at the Coach store and I want to spend all my time at the Microsoft store. So fights always start when we are at that mall and I usually end up having to sleep on the Lay-Z-Boy Electric, vibrating, motorized recliner or the Lay-Z-Boy sofa.... God I love my recliner.... 

avatar

rseding91

Brute force is only good if you can get around the "maximum failed attempts" part of almost every password required feature.

avatar

mr_dirt

...of those keys on your keyboard can't be used in passwords.  a-z, 0-9, and depending on the website, some of the punctuation can be used.  I've yet to see a web site that allows 'delete' or 'PrintScreen/SysRq' in a password. 

That said, this is a pretty interesting application for GPUs, although not particularly surprising.  A big portion of that giant new Chinese supercomputer (Dawning Nebulae) gets is computing power from nVidia GPUs.

avatar

lse

I only count 94. Whats the 95th? Maybe it's just my keyboard.  HMMMM

avatar

PawBear

Few important sites permit more than short passwords.  I'm always left wondering just how vulnerable I am.  Now I know.

avatar

Mighty BOB!

It's even worse with sites that forbid anything other than letters and numbers..

Oh or then there's even a grade worse than that: sites that assign you passcodes and don't let you change them, and they're only 4 characters long and only numbers... T_T

avatar

winmaster

This really only applies to local attacks. With a remote attack, the bottleneck would surely be your Internet connection. And if the site features a captcha, a brute force would be very difficult.

avatar

stradric

I lost a password on a protected zip file and I've been looking for ways to crack it.  I known it's not a complicated password, but I can't remember it for the life of me.  I would love to use this software to crack it, but obviously it's a dangerous tool to have. 

avatar

fa1thful

Just write your own simple brute force program.  I'm actually in the process of programming one in C++ right now.  :D

 

Craig

 4th Yr Comp Sci Student

avatar

stradric

I could, but I don't have the researchers' awesome algorithm nor do I have any experience programming with the GPU pipeline.  Also, why reinvent the wheel and spend all that time writing and testing the app when I'm sure someone has already put the work in.

avatar

Keith E. Whisman

That's an easy one. There are quite a few websites with details and dedicated software on breaking password protected compressed files such as zip and rar. Just do a google search on zip password cracking and you'll get a bunch of responses.

avatar

stradric

It's actually PAE (power archiver encrypted).  I've done the search with no good results.  I don't think they extend an API or have an SDK -- just a command line app that I could script.  But I don't know of anything like the algorithm they are using in this article.

avatar

AMD4298

Who would want to hack my computer anyway?, besides there nothing personal on it.

avatar

Jdaily81

I bet the Dream Machine 2010 could pull off some hardcore password cracking!

avatar

Mighty BOB!

lol, they should make it a new benchmark during testing.

avatar

Keith E. Whisman

I believe there is a way to make a program that can build a badass password thats say 500 characters long. The program would take a simple password that you can easily remember like your name and birthday together and then the program builds a 500 character password that's linked to your easy passward. 500 characters is going to be pretty hard to crack considering the billions of possible combinations. So the passward generator can be on a USB thumb drive.

I know what I'm talking about is nothing new but 500 characters surely is something that's new. Just don't ever forget your simple pass code.

avatar

stradric

People have been doing this for a while with MD5, SHA1 or even SHA-512 hashes.

avatar

ddimick

KeePass (http://keepass.info/) can do this, although 500 characters is ridiculously long. However, do not use your name and birthday as your passphrase to access the KeePass database. Such a password would not even require a brute-force attach to crack and your entire password database would be wide open.

 

Instead, use a 8-12 character password containing uppercase, lowercase, punctuation and numbers. Better yet, use a PasswordCard (http://www.passwordcard.org/en) as they aren't succeptible to dictionary attacks. A brute-force attack would still work but it would take a very long time.

avatar

Hg Dragon

I rememeber this being talked about when the nVidia 8000-series were just coming out. The parallelism/programability of modern graphics cards make things like this so much easier than the old ways of brute-force and dictionary style of password cracking.

Log in to MaximumPC directly or log in using Facebook

Forgot your username or password?
Click here for help.

Login with Facebook
Log in using Facebook to share comments and articles easily with your Facebook feed.