{"id":338,"date":"2025-03-11T20:26:18","date_gmt":"2025-03-11T20:26:18","guid":{"rendered":"https:\/\/securepathways.ca\/?p=338"},"modified":"2026-05-11T12:55:24","modified_gmt":"2026-05-11T19:55:24","slug":"some-passwords-can-be-cracked-in-an-instant-but-who-is-actually-to-blame","status":"publish","type":"post","link":"http:\/\/securepathways.ca\/index.php\/2025\/03\/11\/some-passwords-can-be-cracked-in-an-instant-but-who-is-actually-to-blame\/","title":{"rendered":"Some passwords can be cracked in an instant \u2013 but who is actually to blame?"},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
\n

Some passwords can be cracked in an instant \u2013 but who is actually to blame?<\/h1>\n

Out of 193 million leaked passwords, researchers cracked around half of them within an hour. But the blame must In a recent report, security researchers from Kaspersky show how they have cracked passwords in seconds using modern graphics cards. For this to work, however, a number of conditions must be met. The blame for this does not lie solely with owners of online accounts and their “weak” passwords.<\/p>\n\n<\/header><\/div>\n

\n
\n
\n

Methodology<\/h3>\nIn their experiments, the researchers reportedly<\/a>\u00a0used the computing power of Nvidia’s current high-end GPU GeForce RTX 4090 to crack passwords offline using a brute force or dictionary attack.\n\nThe brute force approach involves bluntly trying all conceivable combinations of characters until a password is guessed. The more computing power available, the faster the query. In dictionary attacks, cyber criminals draw on large lists of leaked log-in data and try them out.\n
\n
\n

Read also<\/h3>\n<\/header>
\n
<\/figure>\n
\n

Passwortsicherheit \u2013 Alles, was Sie wissen m\u00fcssen<\/span><\/span><\/h3>\n<\/header><\/div>\n
<\/div>\n<\/article><\/section><\/div>\n<\/div>\nThe researchers used 192 million leaked passwords circulating on the darknet as a basis. In their experiments, they treated the passwords with the hash algorithm MD5, including the salt value, before cracking them. MD5 has long been considered insecure, but this is a theoretical attempt. They state that the computing power available to them can try 164 billion hashes per second.\n\nIn this scenario, they say they were able to crack 28% of passwords with upper and lower case letters in less than a minute. If numbers are added, the figure shrinks to three percent. And for 55 percent, the process would take longer than a year due to the complexity of the password. With optimized algorithms such as negram_seq, which calculate the probability of the next character, they were able to further increase the success rate.\n
\n
\n
<\/div>\n<\/div>\n
\n
<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t