(05-27-2013, 12:34 PM)atom Wrote: Organizers lost the focus on the reason why password cracking contests have been made initially
The organizers, usually IT-security companies, wanted to improve their cracking techniques they use in a pentest. They have to find a way to deal with a problem that "breaking" hashes is theoretically not solveable except using brute-force techniques (which takes to long).
The only reason why we're able to crack passwords at such high rates is that most of them are of very simple or medium entropy. Humans do make bad passwords and hashcat is designed to exploit this very efficiently.
When the organizers choose to not use Real-Life passwords they took away one of hashcats key strengths.
Why not think about it like organisers in search of people being to reverse unknown logic (with limited hints) without the dependency on the tools to do the checking. I guess not like some headhunting action, but just to bring something new in the battle of those menioned 3 teams and make it less hardware dependent, but who knows, maybe there'll be news about new department in Positive in some time