RTX 4090 can Crack Your Password in 50 Minutes
RTX 4090 can crack one of your passwords twice as quickly compared to the previous leader RTX 3090.
Threat analyst and password cracker Sam Croley expressed on Twitter how amazing the latest GeForce RTX 4090 is in breaching passwords. The Ada Lovelace architecture flagship graphics card can crack one of your passwords twice as quickly as the previous leader, the RTX 3090, by circumventing Microsoft’s New Technology LAN Manager (NTLM) authentication technique.
According to the researcher, all of the tests were performed using Hashcat v6.2.6 in benchmark mode. Hashcat is a popular and widely employed password-cracking tool utilized by system administrators, cybersecurity experts, and hackers to examine or guess user passwords.
“First @hashcat benchmarks on the new @nvidia RTX 4090! Coming in at an insane >2x uplift over the 3090 for nearly every algorithm. Easily capable of setting records: 300GH/s NTLM and 200kh/s bcrypt w/ OC! Thanks to a blazer for the run,” Croley tweeted.
Croley's benchmark run results
Based on the benchmark findings, a fully outfitted password hashing rig with eight RTX 4090 GPUs has the computing power to bypass through all 200 billion iterations of an eight-character password in 48 minutes. The sub-one-hour result is 2.5 times faster than the RTX 3090's previous record. Both benchmark measurements were performed using only commercially available GPU hardware and related software.
Additionally, the Hashcat software offers multiple assault types created to facilitate password recovery assistance or, depending on the user, unauthorized access to another's accounts. The attack types include dictionary attacks, combinator attacks, mask attacks, rule-based attacks, and brute force assaults.
While the benchmark results may sound ominous, it's important to note that the Croley performed a test on a limited set of real-world use cases and the cracking tool was working under ideal conditions on local/offline files.
Moreover, individuals with enough bank balance can afford to buy RTX 4090. The password-cracking tools cost $1,600 including electricity costs. Therefore, it’s not merely a question of will. The RTX 4090 lowers the cost of actually cracking passwords, which will continue to happen as long as more potent GPUs are published and security techniques are primarily unchanged.
The researcher advised users to employ multi-factor authentication and not use old passwords as it may allow a malicious hacker to get a hold of a password hash database.