The advent of GPGPU technology has allowed video cards to be used for a lot of different things, including scientific research. This week, a team from the Georgia Tech Research Institute has announced that it has been putting that graphics horsepower to work at cracking passwords.
As it happens, they're rather good at it, too.
The results of the research showed that the considerable parallel-processing power of today's high-end video cards could easily break through shorter passwords using brute-force methods. While trying every possible combination of characters would normally be very laborious, the massively-parallel nature of graphics cards makes the task much quicker and easier.
By taking advantage of programming environments such as CUDA, the team were able to write simple programs in C that could work through character combinations and guess passwords.
According to senior research scientist Richard Boyd, "Right now we can confidently say that a seven-character password is hopelessly inadequate - and as GPU power continues to go up every year, the threat will increase."
In fact, the team suggested that anything less than twelve characters would not be sufficiently safe going forward. Obviously longer and more complex passwords will be more secure, as they will take longer to crack using brute-force. In the future, the researchers believe that the best solution will be to use entire sentences instead of single words.
Unfortunately the researchers didn't reveal exactly which GPU they used. However, a GTX 295 hiding in the corner of the press shots points to NVIDIA's last-gen flagship being responsible. Given the advancement in processing power and multi-GPU scaling, we have to imagine that the latest hardware would be even more of a threat to simple passwords.
