Password Strength

There is a lot of out-of-date advice on choosing an appropriate password strength. Many rely on an old password strength meter tool called zxcvbn. The general advice is still sound: choose items randomly, pass phrases are easier to remember, etc. But how complex should your password be? This all hinges on how many hashes a password cracking GPU can do per second. See here for hashcat run on an NVIDIA RTX 4090. I’m seeing 8G hash/sec for PBKDF2-SHA256 (1 iteration). This card costs $1700 today. For context, peak Bitcoin hashrate is 300 quintillion (3e20) hash/sec, which comes at enormous costs in specialized hardware and energy.

For someone to generate 1 trillion hashes/sec, they would need 125 cards costing a reasonable $212K. A 13 character password or 6 Diceware words would take 350M years to crack. Ok, so 1 quadrillion hashes would cost $212M and 350K years to crack. The entire Bitcoin network at peak capacity would need 1 year to crack this password. But add 1 word to your passphrase (or 2 chars to password) and it takes 9000 years (or 4000 years for password).

So what’s a good minimum password strength? If hashing power doubles every year, then it would be 1000x faster in 10 years. Assume a hacker goes from 1Th/s to 1 quadrillion. Then a 4 word Diceware pass phrase or a 9 char password can be cracked in a month. That’s merely 53 bits of entropy. You can add another word or character if you still feel nervous, or get a security key. I think once an attacker determines you’ve used a good enough password they will move on to other targets.