This website uses cookies to ensure you get the best experience on our website. Learn more
[New research] How well does SHA256 protect against modern password cracking
The Specops research team have previously published data on how long it would take for hackers to brute force hashed user passwords. We set up hardware to test two different algorithms: MD5 hashed passwords and bcrypt hashed passwords. Now, we’ll be putting the SHA256 hashing algorithm to the test, to see how long its hashed passwords take to crack with the same computational power.
The research also coincides with the latest addition of over 42 million compromised passwords to the Specops Breached Password Protection service.
Darren James, Senior Product Manager at Specops Software, said this about the findings: “It’s a cybersecurity blunder to store passwords in plaintext, as anyone who gains unauthorized access to the database could simply read them. Hashing algorithms solve this problem to an extent, although it is technically possible to crack hashed passwords through brute-force guessing via powerful hardware and sophisticated software.”
“Even with dictionary lists and other aids, hackers still often only have the chance to crack the shortest, simplest passwords. SHA256 is a relatively modern hashing algorithm and as our research shows, it can easily put the ‘time to crack’ up to thousands (or even millions) of years for strong passwords. However, it’s important for organizations to remember that hashing algorithms can be rendered irrelevant due to end user mistakes. For example, a password becoming compromised through password reuse.”
What’s SHA256 and how does it work?
The SHA256 hashing algorithm is a member of the SHA-2 (Secure Hash Algorithm 2) family, which is a set of cryptographic hash functions designed by the National Security Agency (NSA) and published by the National Institute of Standards and Technology (NIST) in 2001. SHA256 is widely used in various security applications and protocols due to its robustness and security features.
History
The SHA-2 family was developed as a successor to the SHA-1 algorithm, which was found to have vulnerabilities that could potentially be exploited. SHA-2 includes several variants, with SHA256 being one of the most commonly used. The development of SHA-2 was a response to the need for more secure hash functions that could withstand advances in cryptographic attacks.
Usage
SHA256 is used in a wide range of applications, including:
- Digital Signatures: It is used to ensure the integrity and authenticity of digital documents.
- Blockchain Technology: SHA256 is the hashing algorithm used in Bitcoin and other cryptocurrencies to secure transactions and maintain the integrity of the blockchain.
- SSL/TLS Certificates: It is used to secure web communications by ensuring the integrity of certificates.
- Password Hashing: Although not recommended for direct password storage due to its speed, SHA256 is sometimes used in combination with other techniques like salting and key stretching.
Technical functioning
SHA256 produces a 256-bit (32-byte) hash value. The algorithm processes input data in 512-bit blocks and performs a series of operations to produce the final hash. Here’s a high-level overview of how it works:
- Padding: The input message is padded to make its length a multiple of 512 bits.
- Initial hash value: The algorithm starts with an initial hash value, which is a fixed 256-bit value.
- Message schedule: The padded message is divided into 512-bit blocks, and each block is further divided into sixteen 32-bit words. These words are expanded into a 64-word message schedule.
- Compression function: The compression function processes each block using a series of logical operations, bitwise operations, and modular arithmetic. This involves eight working variables (a, b, c, d, e, f, g, h) and a series of constants.
- Final hash: After processing all blocks, the final hash value is obtained by adding the initial hash value to the output of the last compression function.
SHA256 features to note
- Collision resistance: SHA256 is designed to be collision-resistant, meaning it is computationally infeasible to find two different inputs that produce the same hash output.
- Preimage resistance: It is also designed to be preimage-resistant, meaning it is computationally infeasible to find an input that hashes to a given output.
- Performance: SHA256 is relatively fast compared to other secure hash functions, making it suitable for applications that require high performance.
- Widespread Adoption: Due to its security and performance, SHA256 has been widely adopted in various industries, including finance, healthcare, and government.
SHA256 cracking table: How long does it take to crack SHA256 hashed passwords?
SHA256 is a critical component of modern cryptographic systems, providing a high level of security and integrity for digital data. Its widespread adoption and robust design make it a go-to choice for many security applications. So how did SHA256 stack up against our team’s simulated brute force attack?
As you can see in the below table, SHA256 is extremely secure against brute force attacks when used in combination with long, complex passwords. Short, non-complex passwords can still be cracked relatively quickly, highlighting the huge risks of allowing users to create weak (yet very common) passwords such as ‘password’, ‘123456’, and ‘admin’. But once a combination of characters are used in passwords over eight characters in length, the time to crack quickly becomes a near-impossible task for hackers using brute-force methods.
Time to crack: SHA-256 Hashed Passwords
Number of characters | Numbers Only | Lowercase Only | Upper and Lower | Number, Upper, Lower | Number, Upper, Lower, Symbols |
---|---|---|---|---|---|
6 | Instantly | Instantly | Instantly | Instantly | Instantly |
7 | Instantly | Instantly | Instantly | Instantly | 14 minutes |
8 | Instantly | Instantly | 11 minutes | 41 minutes | 21 hours |
9 | Instantly | Instantly | 9 hours | 2 days | 3 months |
10 | Instantly | 27 minutes | 19 days | 3 months | 22 years |
11 | Instantly | 12 hours | 2 years | 19 years | 2052 years |
12 | Instantly | 13 days | 141 years | 1164 years | 195k years |
13 | 2 minutes | 9 months | 7332 years | 73k years | 19m years |
14 | 19 minutes | 24 years | 381k years | 4474k years | 1760m years |
15 | 4 hours | 605 years | 19m years | 277m years | 167.2b years |
16 | 2 days | 15732 years | 1031m years | 18b years | 16t years |
17 | 14 days | 410k years | 54b years | 1067b years | 1509t years |
18 | 5 months | 11m years | 2788b years | 67t years | 144q years |
19 | 4 years | 277m years | 145t years | 4099t years | 14Q years |
20 | 37 years | 7189m years | 8q years | 255q years | 1294Q years |
Hardware setup
The above table shows time to crack via brute-forcing given hashes with modern hardware with the following assumptions. This was the exact same set-up we used for the MD5 and bcrypt cracking research – it’s achievable for most bad actors looking to crack an organization’s passwords, although for optimal results you’d ideally want more power than we’re using here:
- Hardware: The Nvidia RTX 4090. Currently the best value-for-money generally available hardware to perform password cracking attacks with. This is a flagship gaming GPU which can be purchased by consumers and is largely affordable with an MSRP of around $1599 USD. In order to generate this data, we’re using a hypothetical Nvidia RTX 4090.
- Software: Hashcat. Generally, a stock RTX 4090 will achieve approximately 164 GH/s in Hashcat (that can be thought of as 164 000 000 000 password guesses/second).
The above hardware assumptions may sound expensive; however, with ransomware payments in the millions, the cost can seem minimal. Even still, some attackers may find faster and cheaper results with cloud services.
Find compromised passwords in your network today
This month’s update to the Breached Password Protection service includes this month’s addition of over 17 million compromised passwords to the list used by Specops Password Auditor. You can find how many of your passwords are either compromised or identical with a read-only scan of your Active Directory from Specops Password Auditor. You’ll get a free customizable report on password-related vulnerabilities, including weak policies, breached passwords, and stale/inactive accounts. Download your free auditing tool here.
Can SHA256 hashing prevent password compromise?
As you can see in the cracking table produced from this research, SHA256 can’t protect short, simple passwords from brute-force attacks. On the other hand, it also shows that a hacker would likely be wasting their time trying to crack a long, complex password that’s been hashed with SHA256. This proves the value in encouraging end users to create long, secure passphrases.
Attackers will always prefer to go in search of easy targets and low-hanging fruit. For example, Active Directory passwords that have already been compromised in data breaches. One way this can happen is through password reuse. Your could encourage your end users to create long, strong Active Directory passwords and store them very securely. But this work is undone if end users reuse those passwords on personal devices, sites, and applications with weak security.
If attackers can identify the individual with exposed credentials, it’s simple to learn their place of work and try the password. There’s an entire underground industry of ‘initial access brokers’ that specialize in this kind of intrusion. This should serve to highlight the value of having tools that detect compromised password within your organization.
Time to crack: Known compromised passwords
Number of characters | Numbers Only | Lowercase Only | Upper and Lower | Number, Upper, Lower | Number, Upper, Lower, Symbols |
---|---|---|---|---|---|
6 | Instantly | Instantly | Instantly | Instantly | Instantly |
7 | Instantly | Instantly | Instantly | Instantly | Instantly |
8 | Instantly | Instantly | Instantly | Instantly | Instantly |
9 | Instantly | Instantly | Instantly | Instantly | Instantly |
10 | Instantly | Instantly | Instantly | Instantly | Instantly |
11 | Instantly | Instantly | Instantly | Instantly | Instantly |
12 | Instantly | Instantly | Instantly | Instantly | Instantly |
13 | Instantly | Instantly | Instantly | Instantly | Instantly |
14 | Instantly | Instantly | Instantly | Instantly | Instantly |
15 | Instantly | Instantly | Instantly | Instantly | Instantly |
16 | Instantly | Instantly | Instantly | Instantly | Instantly |
17 | Instantly | Instantly | Instantly | Instantly | Instantly |
18 | Instantly | Instantly | Instantly | Instantly | Instantly |
19 | Instantly | Instantly | Instantly | Instantly | Instantly |
20 | Instantly | Instantly | Instantly | Instantly | Instantly |
Continuous automated defense against compromised passwords
Specops Password Auditor offers a great starting point for assessing your current password risks, but it’s only a snapshot. With Specops Password Policy and Breached Password Protection, organizations can continuously protect themselves against over 3 billion more known unique compromised passwords (4 billion in total). These compromised passwords include ones used in real attacks today or are on known breached password lists, making it easy to comply with industry regulations such as NIST or NCSC.
Our research team’s attack monitoring data collection systems update the service daily and ensure networks are protected from real world password attacks happening right now. The Breached Password Protection service blocks these banned passwords in Active Directory with customizable end-user messaging that helps reduce calls to the service desk.
The daily update of the Breached Password Protection API, paired with continuous scans for the use of those passwords in your network, equals a much more comprehensive defense against the threat of password attack and the risk of password reuse. Interested in seeing how this might work for your organization? Have questions on how you could adapt this for your needs? Contact us or see how it works with a demo or free trial.
(Last updated on November 13, 2024)
Related Articles
-
[New Research] Best Password Practices to Defend Against Modern Cracking Attacks
Today, the Specops research team is publishing new data on how long it takes modern attackers to brute force guess user passwords with the help of newer hardware. This data with the latest addition of over 15 million compromised passwords to the Specops Breached Password Protection service. “The recent headline-making news of the possibilities of…
Read More -
[New research] Are VPN passwords secure? Two million malware-stolen passwords say no.
Today, the Specops research team is publishing new data on VPN passwords that have been stolen by malware. In total, our threat intelligence research team found 2,151,523 VPN passwords that have been compromised by malware over the past year. These are all real stolen passwords chosen by end users to access VPNs, and they all…
Read More -
Leetspeak passwords – predictable and crackable
Leetspeak enables users to create passwords that are easy to remember, and easy crack. By preventing users from utilizing character substitution during password creation, Specops Password Policy can guide users towards stronger passwords.
Read More