H/s clarification
#2
So far so good, except this:

Quote:At least to me, this seems to translate to the number of hashes generated per second. If this is the case, the time required for comparison (step 3) will technically be unaccounted for if the H/s benchmark is used to back-calculate the time required to crack a password.

I think you let out the most important part: The human. The weak part in cracking password hashes is not the math, it's the user. Typical success rates are 50%-95% of unsalted hash leak dumps and 20%-70% of salted hash leak dumps. There's exceptions (ex: WPA) where it's more efficient to attack they keygen, but that's a corner case. However, do not try to calculate how long it takes to crack a password based on charset and password length or you will end up as many of the useless passwords strength meters.


Messages In This Thread
H/s clarification - by smark - 07-05-2017, 09:50 PM
RE: H/s clarification - by atom - 07-06-2017, 09:52 AM
RE: H/s clarification - by smark - 07-06-2017, 03:40 PM