Ok, long story short, I'm currious how long it would take an agency to crack a 10-15 character winrar password. The file names in the archive are also scrambled including a word at the start and numbers and characters. Roughly, should I have reason to believe this could be cracked within a reasonable time frame?
-
1It will probably take less time if they see this now that you posted this....– user11869Apr 29, 2013 at 1:52
-
oh its not actually happening, im just curious :)– JakeApr 29, 2013 at 1:52
-
Should probably find a better way to store supersensitivefiles that you're worried the FBI might find. And posting here is pretty helpful for them to find an answer if it's really something serious.– cutrightjmApr 29, 2013 at 2:18
Add a comment
|
3 Answers
There is some data here. WinRAR uses a custom key derivation function which involves thousands of SHA-1 invocations. Apparently, with two good GPU, about 15000 passwords per second can be tried.
Then it depends, not on the length of your password, but on the way you produced it. It's not the length which makes the password strong, but the randomness. If your password is a sequence of 15 random characters, chosen uniformly and independently of each other, then it will resist forever. If it is a common English word which happens to be 15 characters long, then it is toast and will be recovered in a matter of seconds.
answered Apr 29, 2013 at 11:22
The answer is 42 of course.
In all seriousness, this question is unanswerable. There are many factors, including but not limited to the amount of hardware the attacker is willing to throw at you.
Your password is weak though, it's very predictable which is the bane of strong passwords.
As mentioned rar uses SHA-1 which is pretty strong. You can have a good comparison of different algorithms here. As you can see cracking rar is slower than WPA-PSK.
-
1