How quickly does modern hardware cracked? New simulations with the RTX 5090 provide alarming results. At the same time, the calculations also show which errors users should definitely avoid when choosing the password.
Inadequate passwords
In his last security report 2024, Microsoft reported over 600 million daily attacks on the passwords of its users. Therefore, the company pushes for a password-free future with passkeys and, in the event of an ever other of its services, makes multi-factor authentication mandatory, as was the case with Azure. Nevertheless, many private individuals still use short and simple passwords – even the US secretary chief.
However, this is becoming increasingly dangerous, as a new investigation now shows. The cyber security company Hive system has been regularly testing the limits of the password crack since 2020. In the recent update of its so-called Password Tables, the company shows how long it takes by using the latest hardware to decrypt different password-hashes by brute force method. The results are alarming and impressively show the critical mistakes that users should definitely avoid when choosing the password.
Dramatic speed increase when cracking
Hive Systems uses twelve Nvidia GeForce RTX 5090 graphics cards for the calculations in the 2025 study. The chips currently represent the most powerful consumer GPUs and offer enormous computing power. In the previous year, the company still used twelve units of the predecessor RTX 4090. Compared to 2024, the time to crack passwords decreased by almost 20 percent with the new graphics processors.
For a password from eight small letters, the chips need just three weeks. Other results are even more terrifying. So the cracking of an eight -pointed password that consists only of digits would only take 15 minutes with the twelve GPUs. With a combination of digits and letters, the time span jumps to 62 years. If you add special characters, it grows to 164 years of uninterrupted computing work.
Compared to the GeForce RTX 4090, Nvidia’s latest GPU generation thus offers a performance increase of 33 percent. However, a single GeForce RTX 5090 gains a significant advantage with increasingly complex passwords and becomes twice as fast for passwords with numbers, upper and small letters and special characters.
Security through length and complexity
According to Hive Systems, users with a 13-digit password of numbers as well as large and small letter finds in the green zone. It would currently take 56 billion years to crack a corresponding password. Even if someone spends a lot of money and used an army of high -performance graphics cards – about 10,000 A100 Tensor Core GPUs from Nvidia, with which Openaai allegedly trained Chatgpt -3 – would be a strong password.
A ten-digit password with large and small letters would need more than an average human life, namely 112 years, for cracking. For a fourteen-digit password with special characters, numbers, capital and small letters, 52 billion years would be needed even with the GPU calculation.
Use password managers
The lesson from it? Password length and variety of characters – especially special characters – are still crucial. Since consumer GPUs are getting faster and faster, it is now a good time to use a password manager like 1password or bitwarden and no longer rely on passwords with fewer than twelve characters.
Even if the Password Table 2025 specifies the time that is needed for the cracking of the passwords, it is still an informative memory of the fact that complex, longer passwords are always safer than the typical weak passwords that still use many users.
