~=8 Character Passwords Are Dead=~
New benchmark from the Hashcat Team shows a 2080Ti GPU passing 100 Billion password guesses per second (NTLM hash).
This means that the entire keyspace, or every possible combination of:
...of an 8 character password can be guessed in:
(8x 2080Ti GPUs against NTLM Windows hash)
@tinker those were never good passwords to begin with, but how do you counter this without changing password habits? after all moore's law will make longer and longer passwords crackable
has some good bits in regard to that!
@DJWalnut - I recommend passphrases of five words. Easy for a person to remember, harder to crack.
Ideally use a password manager and inplement multifactor authentication every where you can.
Don't reuse passwords, this attack is based on the machine already being compromised.
Xkcd style passwords, 4+ random words.
If you have control over it, slow down the hashing to the maximum time you want to wait for a login to validate.
For remote attacks, limit the amount of tries per time window
@piggo - This is the attempt rate against NTLM hashes in an offline attack. So you can attempt 800 Billion guesses per secone in the setup I described. You will go through every possible combination of an 8 character password (using characters that are found on standard keyboards) in less than 2 and a half hours.
@tinker Isn't NTLM hashes very weak, fast to compute?
With a traditional hash function, along with some reasonable number of rounds of PBKDF2 and 8 character passwords are still definitely viable.
@loke - Don’t think so... even slow hashes may take days at maximum. Still within an attacker’s time budget. Benchmarks will tell for certain though!
With the right number of iterations you can make the hashing take any time you want. If you set it to take a significant fraction of a second you can make even shorter passwords safe.
@pfm - Here is hashcat’s post: https://twitter.com/hashcat/status/1095807014079512579?s=21 - You can also check out the hashcat forums at https://hashcat.net/forum/
@tleydxdy - I dont have an accurate benchmark, but I’d estimate several hours to a day or two at max.
@proxeus - This is for an offline attack where a cracker has access to the password hash. Results are consistent.
@tinker I get 18.5 hours for full search (half of it on average):
# exp (8. *. log 95.) /. 100e9 /. 36e2 ;;
- : float = 18.4283453135850586
More than ~2.5 hours… but of course nevertheless.
OTOH, in Windows one doesn't need to brute-force that much… Would be more interesting to test e.g. crypt(3).
@tinker Also, an interesting question along these lines: should one use longer passwords (12 of ASCII7 or 24 decimal digits) to log into sites? (As opposed to local storage encryption.) I'd say, yes, because the sites should store the users data properly encrypted in their databases, and the users, in their turn, should use strong enough keys, so the hassle is worth it.
@tinker Is there a link for that I can put into other social sites?
@Cedara - Here is hashcat’s post: https://twitter.com/hashcat/status/1095807014079512579?s=21 - You can also check out the hashcat forums at https://hashcat.net/forum/
@fuyuhikodate - Here is hashcat’s post: https://twitter.com/hashcat/status/1095807014079512579?s=21 - You can also check out the hashcat forums at https://hashcat.net/forum/
@tinker they were still alive?
@cbowdon - In every corporate environment I’ve ever hacked.
@tinker welp, that’s depressing
@cbowdon - Yep.
@tinker my main disappointment with people demonstrating has strength on NTLM hashes is the same as when a pen tester tells me they got my /etc/passwd file. That hasn’t been an important security control for decades. It’s like cracking single DES passwords from 1974 unix systems. If, in 2019, NTLM hashes are protecting something important to someone, the fact that they are easier to crack is not their big problem.
@paco - If they got access to /etc/passwd file that you were using and used it to privilege escalate or make lateral movements, then I’d imagine you’d care.
Similar with corporate environments who use NTLM for localhost password storage or Active Directory authentication and have a corporate policy that allows for a minimum of eight character passwords.
This matters precisely because it is still in widespread use.
@tinker The case against NTLM was made a decade ago. The fact that it went from double digit hours to single digit hours isn’t going to motivate someone who wasn’t motivated by all the other sound reasoning. As I said, if they are knowledgable of the risks, and yet somehow still comfortable running NTLM, this isn’t going to change their mind.
@tinker Fourteen is the new eight.
@tinker what about SHA1?
But I’m still coming across websites who flip out if you go more than 13 characters.
One example, not a website, but you can’t log in to Xbox360 if your Microsoft account password is more than 13 characters I think. It might even be less >:(
Emoji passwords to the rescue!!!
@tinker so what is the risk to a home laptop? Someone would have to physically gain access? How would my laptop pw hash be captured for hacking?
@donblanco - As long as its encrypted, you’re fine. For home networks, make sure your wifi password is long.
@tinker so are login passwords on linux typically hashed or encrypted?
@tinker NTLM isnt good anyway 🤔
@tinker Leaked hashed passwords have been considered nearly equivalent to plaintext for quite a while now. 8 character passwords are dead for anything that could be subject to an offline attack, but for the most part anything that could be subject to an offline attack is broken anyway. 8 character passwords are still fine for anything that's not likely to be subjected to an offline attack.
As long as they don't get the general and per account salt ...
But this is offline ... On online passwords are more variables involved
@MikeAc77 - Yep!
@tinker In order to have a hash offline, doesn't this mean that some other system has to be breached in the first place? or MITM? This seems to be something interesting in the lab, but a more rare threat in the wild.
@rugk @shibayashi @kaniini - NTLM most certainly is dead (even for 9char passwords). But 8char passwords are dead across a wide variety of hash types, even slow hash types that push out the crack time for the entire keyspace to a couple of weeks. Still within many attacker's time and resource budget.
A Mastodon instance for info/cyber security-minded people.