GeForce RTX 4090 is not just very suited for 4/8K gaming but also for password cracking
Click here to post a comment for GeForce RTX 4090 is not just very suited for 4/8K gaming but also for password cracking on our message forum
fantaskarsef
So now it's secret services buying GPUs by the bulk? 😀
wavetrex
8-digit, lol.
Those that still use such short passwords in 2022 really deserve to get their accounts accessed by 3rd parties.
My passwords START at 13 characters, I have one that is 18 characters long, including punctuation, upper and lowercase, numbers, and the most complex one I use even has an unicode character in it which I have to type with Alt+keypad, as it's not available normally on the keyboard.
Good luck cracking that with a zillion 4090s.
fantaskarsef
It makes me really sad that passwords I have to set occasinally can't be too long since it breaks my companies systems... it's really sad.
Meathelix1
OMG Amazing 8 of them can crack passwords from the early 2012s...
Nowadays most important stuff is 2-step auth. Good luck cracking that.
Also of course the 4090 was only really made for 4k / 8k gaming you would have to be out of your mind to buy a 4090 for 1080p or 1440p. It's only been a week and we are seeing more 4090's just sitting on shelves, hell some haven't even sold out from the beginning. So many people rushing out to get a 4090, that they are gathering dust! 😀
wavetrex
The blame is on that company, not on you. I would complain to IT about the password length limit every day ...
"you guys are playing with supercritical plutonium every day of not fixing this !"
"so, how long until we end up in the news that we got haxxed and ransomed?"
"security from the 90s does not good business make"
fantaskarsef
Even better when IT advises to use a password safe program... so that you replace all your passwords... with a single one. And please, 8-12 chars only. 🙄
With that, you don't even need to SLI those 4090s, a day's work lets one hack any company, I bet. But hey, phishing attacks still work, so I guess no need to actually crack passwords when people... just tell you.
Marios145
This is why I don't use a password to login on Windows for my computer.
The1
Just beautiful...!!
The new crypto...gpu prices through the roof again because every Junior now thinks that they can get rich by doing nothing but cracking passwords!!!
Try a 100, succeed with 10 and access 1 person's banking info. etc.
Catspaw
Yes, there is also that small part to mention about one of them being illegal.
cucaulay malkin
Cool story
Timur Born
Most password based login systems I encountered either blocked access after too many failed attempts or at least increases the time between each try. So the reported times are rather a best case scenario for password protected files on a local drive where no one audits the failed attempts.
hamltnblue
I'm curious how it can be done so fast if you only get a few attempts before being locked out?
gQx
you are the man
rl66
The 8 digit is a "hard" password, most people use 4 digit (the same as the pin of their phone... 2 hack at once 🙂 ) and other use "admin" "mypassword" etc lol
Also, technicaly, a full one with punctuation and special key and up/lowercase is more hard to found for human ONLY.
A machine doesn't care about that...
Netherwind
2020 : GPU shortage due to chip shortage
2020 : Scalpers disrupt the market for normal users
2021 : Miners decimate the market buying everything
2022 : Retailers inflate GPU prices
2022 : Hackers buy high end cards
When will it be back business as usual? 😱
Jason5551
stop talking nonsense people, after 5 failed attempts on important apps or sites lock the account. the odds of 4090 getting the right password in first 5 attempts is highly unlikely.
GeniusPr0
*database gets hacked*
*Password leaks
What now Mr 18 char
Richard Nutman
That's not how it works.
Websites don't typically store your password, they just store the hash of it. When the inevitable data breach occurs, hackers can run software like this to try and find a password that matches against the hash in the data of all users they have. It could even be not your actual password, as long as the hash generator produces the same value.
Then they have access to your account, as they have a working password that will produce the same hash.
Two factor authentication is a must for any important account. Though there have been incidents where hackers have gotten around it with sim jacking. Basically, convince your phone carrier to send a new sim out to a new address, they use it, and now the 2FA text arrives on their phone.
Zooke
That's 6h 38m to try every combination, in real world use your average is 1/2 that or considerably less if you apply a bit of social engineering to your method.
For instance, many wifi routers have a strict set of characters used in their randomly generated default passwords. Once you know this, you exponentially cut down the number of possible combinations.
Does it increase the likelihood of some teenager down the road using your wifi for free, sure it does.
Is this something to genuinely worry about ? I would say no. Any powerful entity has a multitude of tools at their disposal and password hash cracking is going to be way down their list of prioritised attacks.
That's my take on the story.
TLD LARS
This password cracking scenario is very unrealistic.
The password requester needs to be perfectly designed for being brute forced like this.
No 3 strikes and you are out.
No 2 factor.
No 1 sec pause between logins.
No retype of login name.
No captcha.
Super fast internet latency.
No DDOS detection.
No security questions.
No forced password change after 100 login attempts.
No login from different IP address detection.
No local ID file on login computer.
And many other obstacles are possible to prevent this kind of brute force.
