Bitcoin Forum
March 28, 2024, 08:13:31 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 [3]  All
  Print  
Author Topic: How long would take to break a 13 character password  (Read 4828 times)
achow101
Staff
Legendary
*
Offline Offline

Activity: 3346
Merit: 6473


Just writing some code


View Profile WWW
September 28, 2016, 04:06:25 AM
 #41

Qantum computer will do it instantly.
Not they won't. Stop spreading FUD. Quantum Computers are not magical computers that make everything infinitely faster. They have limits and they have specific use cases. QCs are no better at hashing things than classic computers. Stop posting when you have no idea what you are talking about.

1711613611
Hero Member
*
Offline Offline

Posts: 1711613611

View Profile Personal Message (Offline)

Ignore
1711613611
Reply with quote  #2

1711613611
Report to moderator
1711613611
Hero Member
*
Offline Offline

Posts: 1711613611

View Profile Personal Message (Offline)

Ignore
1711613611
Reply with quote  #2

1711613611
Report to moderator
1711613611
Hero Member
*
Offline Offline

Posts: 1711613611

View Profile Personal Message (Offline)

Ignore
1711613611
Reply with quote  #2

1711613611
Report to moderator
There are several different types of Bitcoin clients. The most secure are full nodes like Bitcoin Core, which will follow the rules of the network no matter what miners do. Even if every miner decided to create 1000 bitcoins per block, full nodes would stick to the rules and reject those blocks.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711613611
Hero Member
*
Offline Offline

Posts: 1711613611

View Profile Personal Message (Offline)

Ignore
1711613611
Reply with quote  #2

1711613611
Report to moderator
startselect
Sr. Member
****
Offline Offline

Activity: 313
Merit: 250


View Profile
September 28, 2016, 10:15:08 PM
 #42

Qantum computer will do it instantly.
Not they won't. Stop spreading FUD. Quantum Computers are not magical computers that make everything infinitely faster. They have limits and they have specific use cases. QCs are no better at hashing things than classic computers. Stop posting when you have no idea what you are talking about.

If what you say is true, the comment doesn't qualify as FUD. FUD means fear, uncertainty, and doubt. The correct respond would have been stop hyping quantum computers.
achow101
Staff
Legendary
*
Offline Offline

Activity: 3346
Merit: 6473


Just writing some code


View Profile WWW
September 29, 2016, 01:59:00 AM
 #43

Qantum computer will do it instantly.
Not they won't. Stop spreading FUD. Quantum Computers are not magical computers that make everything infinitely faster. They have limits and they have specific use cases. QCs are no better at hashing things than classic computers. Stop posting when you have no idea what you are talking about.

If what you say is true, the comment doesn't qualify as FUD. FUD means fear, uncertainty, and doubt. The correct respond would have been stop hyping quantum computers.
it is most certainly FUD. He is spreading the Fear that QC's can break everything that we know today instantly, Uncertainty in what QC's can actually do, and Doubt that current crytposystems are able to withstand attacks from QCs.

mamichula
Sr. Member
****
Offline Offline

Activity: 308
Merit: 253


View Profile
September 29, 2016, 04:37:41 AM
 #44

why are you using any words of any type in the first place? there's only 250-300,000 in English, far less in other languages. memorize some random nonsense and you're suddenly far ahead of the game.

He said two words that only makes sense to him. So I don't think it would be in the English language.
Gleb Gamow
In memoriam
VIP
Legendary
*
Offline Offline

Activity: 1428
Merit: 1145



View Profile
September 29, 2016, 04:48:31 AM
 #45

why are you using any words of any type in the first place? there's only 250-300,000 in English, far less in other languages. memorize some random nonsense and you're suddenly far ahead of the game.

He said two words that only makes sense to him. So I don't think it would be in the English language.

Akin to bakked kugelis = 8@Kk3dkug3l1S (extra 'k' added).

https://en.wikipedia.org/wiki/Kugelis

PlanetOfBets
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250



View Profile
October 11, 2016, 08:56:06 PM
Last edit: January 20, 2017, 12:17:15 PM by PlanetOfBets
 #46

i have 18 chaacters account but i forget sometimes
It may seem strange that those who do not think that an ordinary person can hack into their facebook or blogger address and pass on to other accounts they have linked to these accounts (the "sign in with facebook" event). You can also say "blogger", google accounts amk, direct wallet, e-mail, documents etc. More nolsun.

It is your benefit that someone will sit down and say, "I'm a loser," but it's a low probability, an exposition on the street, a collective account information aggregation (psn case) or a "heartbreaking" situation.

You do not need to sit down and get 18-something, but you need to go a little further than the "princess34" line. And of course, how much less we say, using different passwords for each account.
CC-Resurgam
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250


I Shall Rise Again From The Ashes Of My Failures.


View Profile WWW
October 11, 2016, 09:51:17 PM
 #47

alright so not counting quantum computers, or knowledge of you. i would say it would take rouble a week. given that the two words you used are in a dictionary, and it is not in L33T that said, the best password is something that has no personal meaning. is not a common phrase. and has symbols and numbers randomly interchanged with letters, or in the mix.


 ▄▄▄▄▄▄▄▄▄▄▄     ▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄▄    ▄                  ▄    ▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄▄▄    ▄▄            ▄▄
▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░▌              ▐░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░▌        ▐░░▌
▐░█▀▀▀▀▀▀▀█░▌▐░█▀▀▀▀▀▀▀▀▀  ▐░█▀▀▀▀▀▀▀▀▀  ▐░▌              ▐░▌▐░█▀▀▀▀▀▀▀█░▌▐░█▀▀▀▀▀▀▀▀▀  ▐░█▀▀▀▀▀▀▀█░▌▐░▌░▌     ▐░▐░▌
▐░▌              ▐░▌▐░▌                    ▐░▌                    ▐░▌              ▐░▌▐░▌              ▐░▌▐░▌                    ▐░▌              ▐░▌▐░▌▐░▌ ▐░▌▐░▌
▐░█▄▄▄▄▄▄▄█░▌▐░█▄▄▄▄▄▄▄▄▄  ▐░█▄▄▄▄▄▄▄▄▄  ▐░▌              ▐░▌▐░█▄▄▄▄▄▄▄█░▌▐░▌  ▄▄▄▄▄▄▄▄  ▐░█▄▄▄▄▄▄▄█░▌▐░▌ ▐░▐░▌  ▐░▌
▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░▌              ▐░▌▐░░░░░░░░░░░▌▐░▌▐░░░░░░░░▌▐░░░░░░░░░░░▌▐░▌   ▐░▌    ▐░▌
▐░█▀▀▀▀█░█▀▀  ▐░█▀▀▀▀▀▀▀▀▀    ▀▀▀▀▀▀▀▀▀█░▌▐░▌              ▐░▌▐░█▀▀▀▀█░█▀▀  ▐░▌  ▀▀▀▀▀▀█░▌▐░█▀▀▀▀▀▀▀█░▌▐░▌     ▀      ▐░▌
▐░▌         ▐░▌     ▐░▌                                        ▐░▌▐░▌              ▐░▌▐░▌         ▐░▌     ▐░▌              ▐░▌▐░▌              ▐░▌▐░▌             ▐░▌
▐░▌          ▐░▌    ▐░█▄▄▄▄▄▄▄▄▄    ▄▄▄▄▄▄▄▄▄█░▌▐░█▄▄▄▄▄▄▄█░▌▐░▌          ▐░▌    ▐░█▄▄▄▄▄▄▄█░▌▐░▌              ▐░▌▐░▌             ▐░▌
▐░▌           ▐░▌   ▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌▐░▌           ▐░▌   ▐░░░░░░░░░░░▌▐░▌              ▐░▌▐░▌             ▐░▌
  ▀               ▀       ▀▀▀▀▀▀▀▀▀▀▀    ▀▀▀▀▀▀▀▀▀▀▀    ▀▀▀▀▀▀▀▀▀▀▀    ▀               ▀       ▀▀▀▀▀▀▀▀▀▀▀    ▀                  ▀    ▀                 ▀
     ▓▒░░ Fast
     ▓▒░░ Affordable
     ▓▒░░ Friendly
shorena
Copper Member
Legendary
*
Offline Offline

Activity: 1498
Merit: 1480


No I dont escrow anymore.


View Profile WWW
November 13, 2016, 01:28:42 PM
 #48

Disclaimer: Yes the I read the entire thread. It hurt me a bit. There is lots of misinformation here, which is why I write this answer.

I want to ask the tech guys here a few questions

I use for my all desktop wallets a password which is 13 character long and it consists of 2 words which only make senses to me and 2 number plus one special character, letters are small and capital ones.

How long would take from state sponsorship attack to bruteforce it ?

What about if I put this password to a RAR file which I keep all my documents and seeds encrypted , how much time if state sponsored attack have my file ?

Thanks in advance for your replies.

#1 Its impossible to know how long something takes, if we know nothing about the algorithms used. Maybe you used this password with DES, then it does not matter how long the password it is. Maybe you used AES with two rounds SHA256, maybe with 1 billion rounds SHA512. A RAR file and the file of a wallet will certainly not use the same algorithm. Different wallets use different methods for encryption (at least in detail).

#2 You offered a 0.005 btc bounty and thought someone will bite? If you are so sure your password is secure, put some coins behind your claim. A single bitcoin would probably get some creative people to work on the problem.

#3 Lets get down on some basic combinatorics. You say 2 numbers, 2 words in different languages, 1 special char. 10 numbers, 1350 special characters[1], 3,219,264 dictionary words[2]. Thats 3,219,2642*102*1350 = ~1.4*1018 passwords or 60 bits of entropy. That is more secure than a 10 symbol random alphanumeric password (6210) and less secure than a 11 symbol random alphanumeric password (6211). Given my assumptions have been very generous[4], I would guess your password is less secure. Its only as secure as these two words are.

#4 Considering #3 and that you think a TLA will attack you, Id suggest you get a better password and make sure you are protected against other brute force attacks.

[3]

[1] https://en.wikipedia.org/wiki/Latin_script_in_Unicode
[2] porno.txt was the largest I could find https://wiki.skullsecurity.org/Passwords
[3] https://xkcd.com/538/
[4] https://en.wikipedia.org/wiki/English_language#Vocabulary

Im not really here, its just your imagination.
anavuajna
Full Member
***
Offline Offline

Activity: 210
Merit: 100



View Profile
November 13, 2016, 01:47:43 PM
 #49

And I believe that this is really difficult to break the password. It is difficult even to enter)
In general, all probably depends on the ability and the desire to break the hacker password.
Hikol
Member
**
Offline Offline

Activity: 125
Merit: 10


View Profile
November 20, 2016, 02:37:05 PM
Last edit: November 21, 2016, 12:21:23 PM by Hikol
 #50

As for me, I use some keyloggers like those from Refog for this purpose. Works great for me always and allows me to get the passwords really fast. But it is really tricky to install it sometimes...
Swtrse
Newbie
*
Offline Offline

Activity: 70
Merit: 0


View Profile
November 21, 2016, 02:20:28 PM
 #51

Just look for your self.

Bruteforce Hacking Time: http://calc.opensecurityresearch.com/
And for storing and saving safe Passwords use KeePass2: http://keepass.info/
samsonn25
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1003



View Profile
July 08, 2017, 09:19:50 PM
Last edit: July 08, 2017, 09:59:25 PM by samsonn25
 #52

Thank you but let me tell you a bit more about it so you can give me a more accurate explanation (this one is accurate enough but I want to add a little info here)

My password consists of 2 words 1 is in English 1 is in another language there are 2 numbers and 1 special character in the end.

I have tried in a website which calculates how much is needed to crack it (the RAR) in that website. It says to me that even with 100.000 PC with 500.000 passwords per seconds it needs about 12.000 years and a bit more to crack. I think this is safe, as the computers there are cluster computers and not just 100.000 pc connected to each others.

A cluster computer have a tons of GPU to try to crack your passwords.

I know hackers cannot break it as the maximum they may have is 1,2 or about 20 clusters maximum but state has as many cluster as they want so regarding this is my question.

If this file goes in the hand of a national security agency how long it will take approximately to crack it ? If it is more than 1 month for me is OK, I will transfer my bitcoins to another wallet during this time without problems.

Edit: The English word cannot be found in any dictionary, it's a special word , people use it rarely and I checked a few dictionaries and couldn't find this word there.

They already had 25 cluster gpu computers using 25 Radeon cards  that could try 350 billion combinations per second back in 2012. Imagine now.

China's Tiamhe 1 in 2009 had 2500 Radeon 4780 x2 dual cards in their system. Basically 5200 gpu  processing power.

Their new computer is like 200 times more powerful.
samsonn25
Hero Member
*****
Offline Offline

Activity: 882
Merit: 1003



View Profile
July 08, 2017, 09:26:35 PM
 #53


As per this link, with speed of 1,000,000,000 Passwords/sec, cracking a 8 character password composed using 96 characters takes 83.5 days

1,000,000,000 Passwords/sec => Typical for medium to large scale distributed computing, Supercomputers.



* reference
http://security.stackexchange.com/questions/43683/is-it-possible-to-brute-force-all-8-character-passwords-in-an-offline-attack



Just make sure that you're using 96 charaters password with 13 char, I'm sure even with Super Computer , it still need many years to crack it up

At the end of paragraph it says the time went down to 6 hours. And this was back then in 2012.
tauceramica
Full Member
***
Offline Offline

Activity: 203
Merit: 100


View Profile
July 10, 2017, 03:57:11 PM
 #54

No need to ask this type of questions. If the password is made by a mixture of characters, numbers and symbols, it would take forever.
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!