CATEGORIES
home News

Just A Few GeForce RTX 4090 Cards Can Crack Your Passwords In Under An Hour

by Mark TysonTuesday, October 18, 2022, 01:00 PM EDT
aorus geforce rtx 4090
Security analyst Sam Croley is a specialist in password cracking, and has just found a new best friend: the NVIDIA GeForce RTX 4090. Impressively, the Ada Lovelace architecture flagship graphics card is over twice as fast at password cracking as its direct Ampere architecture predecessor. What this means in practical terms is that someone wishing to crack or recover an eight-character password with a rig featuring an octet of RTX 4090 cards, can reliably do so in under 50 minutes.

While most tech enthusiasts have been busy trying to see how many FPS they can get in various demanding modern games titles, Croley says he has compiled the first Hashcat password cracking tool benchmarks using systems based around the new $1,599 MSRP (but sometimes much pricier) GPU.

In Croley's tests, the RTX 4090 was assessed using hashes generated by Microsoft's New Technology LAN Manager (NTLM) authentication protocol, plus Bcrypt. Complex non-dictionary passwords were used in these tests—including random letter cases, numbers, and even symbols—to make it hard for the cracking tool. Hashcat uses several different algorithms to try and crack output from password hashing tools, and version 6.2.6 of the software was used in benchmark mode to assess the capabilities of the new RTX 4090. Excitedly, Croley Tweeted that the GeForce RTX 4090's performance was "Coming in at an insane >2x uplift over the 3090 for nearly every algorithm," He also suggested that the new GPU was easily capable of setting records, thanks to its 300GH/s NTLM and 200kh/s Bcrypt performance with overclocking.

hashcat password cracking hero

So, what is the implication of Croley's benchmark run, in layman's terms? Firstly, the RTX 4090 seems to have almost 2.5x the cracking power of the RTX 3090 for a modest price hike. Secondly, it appears to mean that someone with a rig of eight RTX 4090 graphics cards can crack a complex password of up to eight characters in just 48 minutes. Remember the input passwords were complex in nature (mixing lower- and upper-case letters, numbers and symbols). If a user decided to use a dictionary word, or a shorter word as a password, it would be unearthed much faster.

It might be worrying to read that your gobbledegook eight letter password can be cracked in under an hour by an octa-RTX 4090 rig, but the cracking tool was working under ideal conditions on local / offline files. If trying to crack a web-service password, for example, a cracking system would be faced with a lot of time-sapping and repeat attempt suffocating security checks. Still, this is concerning for any time a malicious actor is able to get a hold of a password hash database, so we would like to remind our readers not to reuse passwords.
Tags:  GeForce, Hacking, Passwords, (nasdaq:nvda), rtx 4090
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment