Sometimes we can’t even get the basics of Cybersecurity correct

Password: “ColdOutThereInMySumm3RCoat” … Thank You, Password of “ColdOut” is Correct

--

Okay. A simple tutorial for you. Let’s take a password of “Apple”. If we use SHA-1, we hash this password and get a hash of:

476432A3E85A0AA21C23F5ABD2975A89B6820D63

Since we have used a 128-bit hashing method (SHA-1), there are 2¹²⁸ different hashes. If we brute force with a 1 TH/sec cracker, it will take 2¹²⁸/1×10¹² seconds:

3,400,000,000,000,000,000,000,000,000,000,000 seconds

But we do not need to do this, as passwords are often not random, so we can either perform a dictionary attack or brute force with a given character set. So, let’s say a dictionary attack will not work, and see how long it will take to crack our hashed password.

If we assume we have upper and lower case letters, along with numbers and other characters [!@#$%^&*()+_], we have 74 different characters, so a 5-character password has 74⁵ different combinations. If we use a 1 THash/sec cracker, the maximum time to crack the password will be 74⁵/1×10¹² seconds, which is equal to 2.2 ms (a millisecond is one thousandth of a second).

2.2 milliseconds
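The arithmetic above, carried through in code as an added example (this is not code from the original post). It assumes the 74-character set and the 1 TH/sec rate stated above, computes the unsalted SHA-1 of “Apple” with Python’s standard `hashlib`, shows why a dictionary lookup against unsalted fast hashes is tried first, and generalises the 5-character estimate to a range of lengths so the growth with length is visible. The wordlist is constructed for the demonstration.

```python
import hashlib
import string
from typing import Iterable, List, Optional, Tuple

# Character set assumed in the article: upper case, lower case, digits and the
# twelve symbols !@#$%^&*()+_ , giving 74 characters in total.
SYMBOLS = "!@#$%^&*()+_"
CHARSET = string.ascii_uppercase + string.ascii_lowercase + string.digits + SYMBOLS

# Cracking rate assumed in the article: one tera-hash per second.
HASHES_PER_SECOND = 1e12


def sha1_hex(password: str) -> str:
    """Unsalted SHA-1 of a password as upper-case hex (40 hex digits, i.e. 160 bits)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def keyspace(charset_size: int, length: int) -> int:
    """Number of candidate passwords of exactly `length` characters."""
    return charset_size ** length


def max_crack_seconds(charset_size: int, length: int,
                      rate: float = HASHES_PER_SECOND) -> float:
    """Worst-case time to try every candidate of one length at `rate` hashes/sec."""
    return keyspace(charset_size, length) / rate


def crack_time_table(charset_size: int, lengths: Iterable[int],
                     rate: float = HASHES_PER_SECOND) -> List[Tuple[int, float]]:
    """(length, worst-case seconds) pairs, one per requested length."""
    return [(n, max_crack_seconds(charset_size, n, rate)) for n in lengths]


def dictionary_lookup(target_hex: str, wordlist: Iterable[str]) -> Optional[str]:
    """Match an unsalted hash against a precomputed table of wordlist hashes.

    Because the hash is fast and unsalted, the table can be built once and
    reused for every captured hash; that is what makes the dictionary step cheap.
    """
    table = {sha1_hex(word): word for word in wordlist}
    return table.get(target_hex.upper())


def human_time(seconds: float) -> str:
    """Render a duration in the most readable unit."""
    if seconds < 1:
        return f"{seconds * 1000:.1f} ms"
    for unit, size in (("years", 365 * 86400), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.1f} s"


if __name__ == "__main__":
    target = sha1_hex("Apple")
    print("SHA-1(Apple) =", target)
    # Constructed three-word list standing in for a real dictionary.
    print("dictionary hit:", dictionary_lookup(target, ["banana", "Apple", "pear"]))
    print("charset size:", len(CHARSET))
    for n, secs in crack_time_table(len(CHARSET), range(5, 13)):
        print(f"length {n:2d}: {keyspace(len(CHARSET), n):>25,} candidates, "
              f"worst case {human_time(secs)}")
```

Running it reproduces the 2.2 ms figure for five characters from this set; at the same 1 TH/sec rate, twelve characters from the same set come to roughly 850 years. Lowering `rate` shows the other lever a defender controls: the slower each guess is to compute, the further every row of the table moves out.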

--

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice