Sign in with
Sign up | Sign in

Password Cracking: CPU-Powered

Harden Up: Can We Break Your Password With Our GPUs?
By

There are a myriad of programs to choose from for recovering passwords, but two most popular programs are Advanced Archive Password Recovery and Visual Zip Password Recovery Processor. When I lost the password to my WinZip file, I was able to use the first to recover a seven-character-long password within 20 minutes. But this got me a bit curious. How fast was my computer searching for passwords? What would have happened if I had used a stronger encryption method, like AES-128?

More important: are all of your password-protected archives really only 20 minutes away from being opened by someone who shouldn't have access to them?

Brute-Force Attack Speed
Passwords Per Second
Advanced Archive Password RecoveryVisual Zip Password Recovery Processor
Compression: None
Encryption: Zip 2.0
28 357 311
20 943 157
Compression: None
Encryption: AES-128
9715
fail
Compression: None
Encryption: AES-256
9713
fail
Compression: Zip
Encryption: Zip 2.0
28 492 733
20 888 938
Compression: Zip
Encryption: AES-128
9733
fail
Compression: Zip
Encryption: AES-256
9760
fail
Compression: RAR Store
Encryption: AES-128
213
-
Compression: RAR Store
Encryption: AES-128, File Names
202
-
Compression: RAR Normal
Encryption: AES-128
213
-
Compression: RAR Normal
Encryption: AES-128, File Names
202
-


As you can see, compression has a minor effect on the speed at which you can try plugging in passwords, but the biggest weakness is in the older Zip 2.0 encryption scheme. As a result, a five-character password is detected in just a few seconds because you can crunch about 28 million passwords per second using a Core i5-2500K. Visual Zip also found the correct password in the Zip 2.0 encryption method, but due to a software problem, it cannot detect a password of any length encoded in AES-128.

Of course, this doesn't really tell the full story. We don't care about speed for the sake of showing off what a new CPU can do (though this could, in fact, make an interesting benchmark). We care about it because it affects the speed at which I can recover a password.

Total Time for Search If You're Churning Through 28 Million Passwords/Second
Passwords Between 1 and 4 Characters
Passwords Between 1 and 6 CharactersPasswords Between 1 and 8 CharactersPasswords Between 1 and 12 Characters
Lower-case
instant
11 seconds
2 hours
112 years
Lower-case and Upper-case
instant
12 minutes
22 days
451 345 years
All ASCII characters
3 seconds
7 hours
8 years
701 193 345 years


Even if you assume that you can try 28 million passwords per second, your chances of guessing the right one get increasingly dim as you move to longer passwords and larger character sets. Spending a whole month to crack an eight-character password composed of letters isn't a terrible prospect if the protected data is really important. But 700 million years is probably too long to ask you to wait.

Fortunately, Advanced Archive Password Recovery allows you to pause and save the position of your search. And, if you have a few computers at your disposal, you can really cut down on the time investment by distributing the workload. Getting scared yet?

React To This Article