Cracking passwords has two aspects that need to be considered when taking into account how likely it is to reveal the information you need. They are defined as follows:

Efficiency – The likelihood that your password set has the candidate password within it.

Power – How many attempts / guesses you can make per second, minute / random time frame.

With the increase in GPU crackers, oclHashcat being my favorite, a large emphasis has increasingly been put on power as opposed to efficiency. People suspect that because they can throw a wordlist of 1 billion entries against a hash that it’s the optimal solution. I’m not saying that you shouldn’t try it as your last resort, but perhaps there is a better way to put the odds in your favour.
[Read more…]