high performance computing on graphics processing units: hgpu.org

In this research the following question is answered: what should KPMG advice their clients regarding to password length and complexity, now GPU-based password cracking has become a reality. To be able to answer this question, tests with different tools and hashes were performed on a system with four high end GPUs. The test system showed an improvement of a factor fourteen in brute force speed in comparison with modern CPUs. KPMG’s advice to their clients regarding password length and complexity should be one of the following (this applies to all the hashes that were researched): Nine or more characters with lower and upper case letters, digits and punctuation marks; Ten or more characters with lower and upper case letters and digits; Twelve or more characters with lower case letters and digits.