~=8 Character Passwords Are Dead=~
New benchmark from the Hashcat Team shows a 2080Ti GPU passing 100 Billion password guesses per second (NTLM hash).
This means that the entire keyspace, or every possible combination of:
...of an 8 character password can be guessed in:
(8x 2080Ti GPUs against NTLM Windows hash)
@tinker Isn't NTLM hashes very weak, fast to compute?
With a traditional hash function, along with some reasonable number of rounds of PBKDF2 and 8 character passwords are still definitely viable.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!