Password protection shattered by cheap GPUs
04 October 2011 | 9670 views | 3
Hackers are using cheap consumer hardware to crack even the most complex passwords in a matter of seconds, according to tests run by server hosting firm UKFast.
UKFast says that a £30 graphics card can be used to boost PC performance to process 158 million possible passwords per second, shattering beliefs that a long password that includes a random combination of symbols, numbers and letters is sufficient to protect sensitive and personal information.
Stuart Coulson, UKFast's security expert says: "A typical home GPU can process 9 million passwords per second, this really shows the power of these graphic processing units. Reasonably complex passwords can therefore be compromised quite quickly by using cheap consumer hardware,"
Using an nVidia GeForce GT220 graphics card - that can be bought for as little as £30 - with the latest drivers on Windows 7, UKFast's security experts were able to crack a 6 character password in 12 seconds, a seven character password in less than five minutes, and an eight character password in four hours.
The current top-specification graphics cards, costing £600, make light work of password cracking, processing 10.3 billion passwords per second.
Users are urged to protect themselves by changing their passwords often and thinking about the complexity and length of their passwords.
Coulson continues: "Nobody is immune to the damage a weak password can cause - even those in high-powered positions of authority. Every extra character makes the hacker's job more difficult because there are so many more possibilities for what that character can be and the more you can introduce to your password, the safer it is."