* [Blog](https://www.paloaltonetworks.com/blog) * [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/) * [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/) * State of the Art in WPA/W... # State of the Art in WPA/WPA2 Passphrase Cracking -- Part 3 [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2013%2F10%2Fstate-art-wpawpa2-passphrase-cracking-part-3%2F) [](https://twitter.com/share?text=State+of+the+Art+in+WPA%2FWPA2+Passphrase+Cracking+%E2%80%93+Part+3&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2013%2F10%2Fstate-art-wpawpa2-passphrase-cracking-part-3%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2013%2F10%2Fstate-art-wpawpa2-passphrase-cracking-part-3%2F&title=State+of+the+Art+in+WPA%2FWPA2+Passphrase+Cracking+%E2%80%93+Part+3&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2013/10/state-art-wpawpa2-passphrase-cracking-part-3/&ts=markdown) \[\](mailto:?subject=State of the Art in WPA/WPA2 Passphrase Cracking – Part 3) Link copied By [Brian Tokuyoshi](https://www.paloaltonetworks.com/blog/author/brian/?ts=markdown "Posts by Brian Tokuyoshi") Oct 17, 2013 3 minutes [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/?ts=markdown) In the [previous entry in this series](https://www.paloaltonetworks.com/blog/2013/10/state-art-wpawpa2-passphrase-cracking-part-2/?ts=markdown), we talked about how better word lists and better rules led to a renaissance in breaking passphrases (including WPA/WPA2 passphrases). It made the guesses more accurate, thus improving the hit rate before resorting to brute force. However, technology also played a major factor in the renaissance as well through the use of graphics cards to offload the calculations. It used to be very expensive to get hardware accelerated password cracking technology, because the machines of the past were custom built for this purpose. Today, consumer grade graphics cards available from typical electronics stores are quite adept at this work, and thus an attacker could get massive increases in cracking power for very little money. That's because the work is very easily broken up so that it can be done in parallel. Consumer-grade 3D graphics cards have GPUs (Graphics Processing Units) which are also very good at performing large numbers of calculations in parallel, thus making them well suited for this work. In addition, several graphics cards working in concert can be installed on a single system making even greater speeds possible. To give you an idea of the scale for what GPU acceleration has done, let's first look at a generic desktop with no graphics acceleration. A general purpose CPU must perform a variety of tasks, and thus while it's quite capable of performing the calculations to test passphrases, it doesn't specialize in it. With all things being equal, in order to triple the number of password guesses per second, you would need to find a computer with triple the computing power. As you might surmise, it's not easy or cheap to get these types of improvements. By using the GPU on the graphics card, a 10 fold increase in the number of passphrases per second over baseline became feasible. Thus, it became relatively cheap (high performance graphics cards typically cost on the order of $300 to $500 USD) to get extra performance on a significant order of magnitude. In the last article, we talked about how optimizing the word lists and rules improved the accuracy for educated guesses. The addition of new technology made brute force more practical than ever. Combined, these improvements are very exciting, but there are still more pieces to the story: virtualization and cloud computing. I'll cover these techniques next. With all of the excitement created with the addition of the GPU, there were still yet another set of improvements towards the password cracking efforts that were just around the corner: the use of virtualization and cloud computing. I'll cover these techniques next week. *** ** * ** *** ## Related Blogs ### [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown) [#### Look What's Riding Your Network](https://www.paloaltonetworks.com/blog/2018/02/look-whats-riding-network/) ### [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/?ts=markdown), [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown) [#### Mobile Network Operators: Boost Value with the Safest Network](https://www.paloaltonetworks.com/blog/2017/03/mobile-network-operators-boost-value-safest-network/) ### [Application Advisory/Analysis](https://www.paloaltonetworks.com/blog/category/application-analysis/?ts=markdown), [Malware](https://www.paloaltonetworks.com/blog/category/malware-2/?ts=markdown), [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/?ts=markdown), [Threat Advisories - Advisories](https://www.paloaltonetworks.com/blog/category/threat-advisories-advisories/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Unit 42](https://unit42.paloaltonetworks.com) [#### Chinese Taomike Monetization Library Steals SMS Messages](https://www.paloaltonetworks.com/blog/2015/10/chinese-taomike-monetization-library-steals-sms-messages/) ### [Distributed Enterprise](https://www.paloaltonetworks.com/blog/category/distributed-enterprise/?ts=markdown), [Mobility](https://www.paloaltonetworks.com/blog/category/mobility/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown) [#### Reusable Mobile App Libraries Introduce Reusable Security Issues](https://www.paloaltonetworks.com/blog/2014/07/reusable-mobile-app-libraries-introduce-reusable-security-issues/) ### Subscribe to the Blog! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language