Not open for further replies.


Staff member
Source: HuffingtonPost

Related: Ars Technica and Ocl-Hashcat-Plus

An update to a free online password-cracking program just made it easier for hackers to get their hands on more complex passwords.

When you sign up for an account on a website and create a password, that information is stored in a company database as "cryptographic hashes": strings of numbers and letters that can be converted to plain-text passwords by running them through an algorithm. It's a rare hacker who can invade a company database and come out with a stash of passwords in plain text -- usually, what a hacker ends up with after pulling passwords from a database is just a bunch of complicated hashes.

Ocl-Hashcat-plus is a computer program that specializes in cracking these hashes -- but until last week, it could only turn passwords of 15 characters or less from hash to plain text. Hackers requested a version of ocl-Hashcat-plus that could crack longer passwords, and ocl-Hashcat-plus delivered.

Ars Technica reports that this newest version of ocl-Hashcat-plus can crack 55-character passwords.


Super Moderator (Leave of absence)
Let's see them crack my own 256-bits of entropy "correct horse battery staple" type password.

Not open for further replies.