GoKawiilCompute power is growing at an extraordinary pace. The AI surge has driven massive investment in GPUs and specialized ‘accelerators’, with vendors building increasingly powerful hardware to train large language models.
For cybersecurity professionals, that raises an interesting question. If the AI bubble cools and this hardware ends up sitting idle, could it be repurposed for password cracking? And if so, does that mean passwords are about to become obsolete?
To explore that scenario, we compared two flagship AI accelerators, the Nvidia H200 and AMD MI300X, with Nvidia’s top consumer GPU, the RTX 5090. The goal was simple: seeing whether a $30,000 AI GPU actually has an advantage when cracking passwords.
Setting up the test
The Specops research team has previously published work examining how long it takes attackers to brute-force hashed passwords. In separate tests of MD5, bcrypt and SHA-256, we measured how quickly each algorithm could be cracked using the same hardware.
To see how GPUs impact this process, we turned to Hashcat, one of the most widely used password recovery tools. Hashcat includes benchmarking capabilities that show how quickly different hardware can compute password hashes.
This matters because password cracking is ultimately a numbers game. The faster a system can generate hashes, the faster it can test password guesses until it finds the correct one.
For this comparison, we looked at Hashcat benchmark results for five commonly encountered hashing algorithms:
MD5
NTLM
... continue reading