GPU Cracking Time Calculator

TL;DR

This guide shows you how to estimate how long it will take to crack a password using your GPU. It involves knowing your GPU’s hash rate, the complexity of the password, and some basic calculations.

Calculating GPU Cracking Time

1. Understand Hash Rate: Your GPU’s hash rate is how many guesses it can make per second. This varies hugely depending on your GPU model and the cracking software used (e.g., Hashcat, John the Ripper). You need to find this out for your setup.
   • Finding Your Hash Rate: Run a benchmark with your chosen cracking software against a known password or hash. Most tools will display the hashes per second (H/s), kilohashes per second (kH/s), megahashes per second (MH/s) or gigahashes per second (GH/s).

     hashcat -m 0 --attack-mode 0 hash.txt ?a?a?a?a?a?a  --force

     (This example uses Hashcat with a simple attack to test speed.)

2. Password Complexity: The more complex the password, the longer it takes. Complexity is measured in ‘bits’ or ‘characters’.
   • Character Set Size: Determine the size of your character set (e.g., lowercase letters only = 26 characters; lowercase + uppercase = 52; adding numbers = 62; adding symbols can be much higher).
   • Password Length: The number of characters in the password.
   • Calculating Password Space: The total possible combinations is character set size raised to the power of password length.

     Total Combinations = Character Set Size ^ Password Length

     For example, a 8-character password using lowercase letters only (26 characters) has:

     26 ^ 8 = 208,827,064,576 combinations

3. Convert Hash Rate to Combinations Per Second: If your hash rate is in MH/s, convert it to hashes per second (H/s) by multiplying by 1,000,000. For GH/s multiply by 1,000,000,000.

   Example: If your GPU does 5 MH/s, that’s 5,000,000 H/s.

4. Calculate Cracking Time (in seconds): Divide the total number of password combinations by your hash rate.

   Cracking Time (seconds) = Total Combinations / Hash Rate (H/s)

   Using our previous example:

   208,827,064,576 combinations / 5,000,000 H/s = 41,765 seconds

5. Convert to More Understandable Units: Convert the cracking time from seconds into minutes, hours, or days.
   • Minutes: Divide by 60.
   • Hours: Divide by 3600 (60 x 60).
   • Days: Divide by 86400 (60 x 60 x 24).

   In our example, 41,765 seconds is approximately 1.16 hours.

6. Consider Real-World Factors: These calculations are theoretical.
   • Cracking Software Overhead: The software itself uses resources, reducing the effective hash rate.
   • GPU Temperature & Throttling: GPUs slow down when they get too hot.
   • Password Filters/Masks: Using filters or masks can speed up cracking if you have information about the password format but adds complexity to calculations.
   • Rainbow Tables (if applicable): Pre-computed tables can drastically reduce cracking time for common passwords, but are not useful against complex, unique passwords.

Remember this is an estimate. Actual cracking time will vary.