Despite the growing adoption of passwordless authentication, passwords remain the most common method for protecting accounts, but they are susceptible to brute force attacks, especially with the advancement of modern GPUs. For example, 6-character passwords can be cracked instantly, regardless of the combination of letters, numbers, or special characters used.
The annual Hive Systems research reveals how the complexity and length of passwords significantly impact the time required to crack them. Using a desktop with a high-performance GPU, an 8-character password made up of numbers, uppercase and lowercase letters, and symbols can be cracked in less than an hour. With cloud resources, such as Amazon AWS GPUs, this time can be reduced to minutes.
Furthermore, this year's analysis considered the impact of advanced tools like ChatGPT, which could theoretically crack a password in seconds with the massive use of GPUs, although it is unlikely that hackers have access to such resources.
The research underscores the importance of using long and complex passwords and recommends adopting multifactor authentication to enhance account security.