Does anyone know the rate at which password-cracking methods are improving? Specifically: what is the doubling time?

Also: the process is probably best expressed as keys cracked per second per $1,000 investment, or $1/(key-second). It's not a flat rate, it's a cost-dependent rate for a given point in time.

Quick maths suggests that if the rate-doubling time is 2 years, and a current key is rated at 1 trillion years, *ACTUAL* effective strength is less than 70 years.

@dredmorbius I've written UI code before (in keysafe) that estimates time to crack the user's password, and I used moore's law and AWS spot instance pricing.


@joeyh If I've got this figured right, the key is crackable for about $1 in 53 years, assuming Moore holds up.

Is your spot pricing following Amazon's pricing trends?

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!