[JohnR]

Food for thought without getting too sexy.

Quote:

Ordinary desktop computers can test over a hundred million passwords per second using password cracking tools that run on a general purpose CPU and billions of passwords per second using GPU-based password cracking tools.[4][5][6] See: John the Ripper benchmarks.[7] A user-selected eight-character password with numbers, mixed case, and symbols, reaches an estimated 30-bit strength, according to NIST. 230 is only one billion permutations and would take an average of 16 minutes to crack.[8] When ordinary desktop computers are combined in a cracking effort, as can be done with botnets, the capabilities of password cracking are considerably extended. In 2002, distributed.net successfully found a 64-bit RC5 key in four years, in an effort which included over 300,000 different computers at various times, and which generated an average of over 12 billion keys per second.[9] Graphics processors can speed up password cracking by a factor of 50 to 100 over general purpose computers. As of 2011, available commercial products claim the ability to test up to 2,800,000,000 passwords a second on a standard desktop computer using a high-end graphics processor.[10] Such a device can crack a 10 letter single-case password in one day. Note that the work can be distributed over many computers for an additional speedup proportional to the number of available computers with comparable GPUs.