1. scrypt and bcrypt are some memory hard algorithms and in general are better suited for CPUs (yeah, the majority of other algos is the opposite, i.e. the majority can profit from GPU power a lot more).... the problem most of the time is that the users don't have e.g. 6 CPUs per system, but a lot of GPUs.... therefore 6 GPUs can still be faster than CPU cracking in some cases
2. 14 H/s divided by 6 i.e. 14/6 = 2.333 H/s ... since hashcat doesn't show hashes per milliseconds (fractions of seconds) or halves of hashes per second (lol), 14 H/s is totally fine because it's the total average speed of the entire system.
btw: you should first look at more advanced attack modes like rule-based attacks combined with dictionaries (see https://hashcat.net/wiki/doku.php?id=rule_based_attack). Also have a look at the list of available attack modes supported by hashcat https://hashcat.net/wiki/#core_attack_modes ...
hint: especially for slow algorithms, most attack modes are better suited than brute-force (or mask attack) even if the speed is sometimes even slower ... brute-forcing should most of the time be the last desperate attempt/plan/strategy, except if the password is completely random or has a very specific pattern (which can be exploited by using custom charsets within the masks etc)
2. 14 H/s divided by 6 i.e. 14/6 = 2.333 H/s ... since hashcat doesn't show hashes per milliseconds (fractions of seconds) or halves of hashes per second (lol), 14 H/s is totally fine because it's the total average speed of the entire system.
btw: you should first look at more advanced attack modes like rule-based attacks combined with dictionaries (see https://hashcat.net/wiki/doku.php?id=rule_based_attack). Also have a look at the list of available attack modes supported by hashcat https://hashcat.net/wiki/#core_attack_modes ...
hint: especially for slow algorithms, most attack modes are better suited than brute-force (or mask attack) even if the speed is sometimes even slower ... brute-forcing should most of the time be the last desperate attempt/plan/strategy, except if the password is completely random or has a very specific pattern (which can be exploited by using custom charsets within the masks etc)