Hashcat is a freely available password cracker. It can be used by security auditors to stress-test company passwords and by criminals to crack lists of stolen passwords. One of the biggest issues with this utility has been an inability to handle passwords in excess of 15 characters. The latest version can now handle passwords and phrases typically up to 55 characters in length.
The latest version of hashcat, released last month, is a significant update to the program. Jens Steube, lead developer, says the update is “the result of over 6 months of work, having modified 618,473 total lines of source code.”
What the new version of hashcat should show you is that size is no longer as important as it used to be – it’s what the user does with the characters that matters. Length is still important but more important is using a mix of characters, like numbers, special characters, and punctuation symbols to make the process of password discovery too slow even for a determined hacker.
You can learn more and download the free program here.