Cryptocurrency miners may know the exact hash rate of their mining rig as shown by their mining pool monitor, but this metric is not exclusive to cryptocurrency.
“Hash rate” refers to the number of times a chip can compute a given hash function every second, which equates to the mining performance of the hardware in many cryptocurrencies.
Cryptocurrencies are built on cryptographic hash functions, which are the same type of algorithms used to securely encrypt passwords.
This means that the hashing power of your graphics could theoretically be used for cracking passwords.
Hash functions like SHA-256 (used by Bitcoin and many password encryption tools) are notoriously difficult to crack, especially if the attacker is using brute force attacks.
Password hashes can use a variety of hash functions, from the older SHA-1 and MD5 algorithms to more resilient but computationally-expensive functions like bcrypt.
While the method of encryption can have a great influence on the difficulty of password cracking, important factors also include the length of the password.
As the number of characters in the password increases, the time to crack it increases exponentially.
Hardware is also an important factor, as you would struggle to crack even the simplest hashed passwords with a five-year old CPU – but the same task would be trivial with a powerful quantum computer.
As stated, graphics cards can be used to crack passwords, but it can be an expensive and time-consuming exercise, depending on the hash type and method used.
For the sake of this article, the theoretical brute force hashing capabilities of modern graphics cards have been compared below.
To see how modern graphics cards line up, we compared Hashcat benchmarks from around the Internet to determine which cards are the most proficient at password cracking.
Hashcat is an open-source password recovery tool which uses CPU and GPU power to crack passwords and supports a number of algorithms – including MD5, SHA-1, SHA-2, and WPA.
There are no official GPU benchmarks available for the Hashcat software, but there are various user tests which outline graphics card performance across various hashing algorithms.
The version of the software used varies across these tests, along with the clock speed and model of graphics card used, leading to variations in hashing power between most benchmarks results.
However, these figures portray a general indication of each graphics card’s hashing performance.
The Hashcat benchmark results for modern graphics cards conducted by Tutorials Technology for the WPA/WPA2 security algorithms are shown below.
|Graphics Card||Hash Rate (WPA/WPA2)|
|GeForce GTX 1080 Ti||576KH/s|
|GeForce GTX Titan XP||520KH/s|
|GeForce GTX 1080||397KH/s|
|GeForce GTX 1070||285KH/s|
|GeForce GTX 980 Ti||240KH/s|
|GeForce GTX 980||200KH/s|
|Radeon R9 295X2||347KH/s|
|Radeon RX 580||224KH/s|
|Radeon R9 390X||200KH/s|
|Radeon RX 480||185KH/s|
|Radeon R9 380X||145KH/s|
The results reflected in these benchmarks deliver an outline of hashing performance across various consumer graphics cards, and real-world performance can vary depending on a variety of factors.
As you can see, a hashing rate is roughly consistent with the mining and gaming horsepower of graphics cards – with a few exceptions due to architecture differences.
Users can also use graphics cards in parallel for increased hash rates, with many enthusiasts attempting to build powerful password-cracking rigs using multiple high-performance cards.
While these rigs may be powerful and potentially dangerous to unsecure algorithms, the latest hash functions are relatively safe from most consumer-grade password cracking attempts.