elevateZoom (Requires jQuery)

Facebook Messenger (Donation)

Many donors of this blog prefer to donate their money through Facebook Messenger!

Click here to go to this blog's Facebook Page!

Thank you!

Activation Code - Donation (Multiple Options)


Request Web\PHP\JavaScript\HTML Project !

Contact us if you want us to develop a Web\PHP\JavaScript\HTML project for you!

Advertise On This Blog!

If you want a Product\Service\Event to be advertised on this blog, feel free to contact us!

Ads (Reserved)

Thursday, December 5, 2019

CrackQ "Hundreds of Billions of Guesses per Second" is not a threat at all for "Multi One Password" manager!

CrackQ: "We're talking hundreds of billions of guesses per second in many cases." (Click here for more info)

That compared to "Multi One Password" hashed "Final Passwords" is really nothing! (Click here for more info)

Iterations and Extra Salt - Multi One Password (Click Here)

Bcrypt (vs) Multi One Password! (Click Here)

For each password, "Multi One Password" manager uses by default a random 248 long characters salt that contains (uppercase\lowercase\digit) characters only and a random 128 long characters salt that contains hex symbols only!

So, here is a quick demonstration on how "hundreds of billions of guesses per second" is really nothing:

999 000 000 000 guesses in 1 second! (999 Billions!)

100000000 seconds = 3.1709791984 years

16^128 (All the 128 possible combinations between the 16 hex symbols!)
62^248 (All the 248 possible combinations between (Uppercase\Lowercase\Digit) characters!)

999 000 000 000 x 100000000 = below

99 900 000 000 000 000 000 guesses in 3 years!

16^128 = 1.340781e+154 = below


Even in 3 years, CrackQ is still far far away to guess all the (16^128) possibilities alone!

Well, for (62^248) which is "Infinity" or "Error" in some calculators, hackers really can't do nothing with CrackQ!


RTX 2080 Ti GPU (Year 2018, $999 US Dollars)

10 x RTX 2080 Ti GPU ($9 990 US Dollars) can guess 25054.2 MH/s SHA2-512 ~= 25 Billions per second! (Click here for more info)

It means that 100 x RTX 2080 Ti Gpu ($99 900 US Dollars) can guess 250 Billions! (Still less than 999 Billions!)

Since 2019, the below hashed string generated in "Multi One Password" manager was sent to the CrackQ team to crack it, but no response received from them yet:


The password is 10 characters long and contains only lowercase characters!

(Note) From the demonstration above, it would take CrackQ far and far more than 3 years to find the original password!

for aaaaaaaaaa + (16^128 + 62^248) = An Eternity
for aaaaaaaaab + (16^128 + 62^248) = An Eternity
for aaaaaaaaac + (16^128 + 62^248) = An Eternity
for zzzzzzzzzz + (16^128 + 62^248) = An Eternity

Even if the "Random Code (Salt)" was made available to the CrackQ team, it would still be almost impossible for them to crack the above SHA512 hashed string because "Multi One Password" manager uses by default 15000 to 16000 iterations!

15000 iterations requires at least 1 second for the "Final Password" to be generated! (For average computers!)

26^10 (All the 10 possible combinations between the 26 Lowercase characters!)

26^10 = 1.411671e+14 = 141167100000000 total guesses

141167100000000 x 1 second = 141167100000000 seconds = 4476379 years

So, it would take them 4476379 years to crack the SHA512 hashed string above even if the "Random Code (Salt)" was made available to them! (well for 25000 or higher iterations even an eternity wouldn't be enough!)


for 15000 iterations, a super server can generate "Final Passwords" in 1 milliseconds = 0.001 seconds
141167100000000 x 0.001 second = 141167100000 seconds = 4476 years

for 15000 iterations, a super server can generate "Final Passwords" in 0.1 milliseconds = 0.0001 seconds
141167100000000 x 0.0001 second = 14116710000 seconds = 447 years

and son on ...!

Since 18 Feb 2020, TeraHash(Click here) still didn't crack the bellow 1 character long SHA512 hashed password (which is a lowercase letter) with its $1.4 Million configuration of 448 x GeForce RTX 2080 GPUs:


That's really embarrassing!

In 2020, the founder of the almost defunct @TerahashCorp, @jmgosney, claimed he would crack the 10 chars long hashed password in under 3 minutes, so we decided to give him the 1 char long hashed password in order to allow him to crack it in under 1 minute! (1 year has passed and he still didn't crack none of them! This is FANTASTIC and AWESOME!!!)

No comments:

Post a Comment

ADS - Multi Share Calculator