SimThrow Passphrase Generator & Tester
How strong is the pass phrase you just generated in your case,
for example to protect your WiFi or vault? Does 'They can do 150 billion guesses per second' apply to your case?
is Itura's easy to use pass-phrase generator & strength analysis tool. It estimates strength and recovery times for
individual cases like specific applications, hashes, recovery hardware capacity, and dictionaries.
Passphrase generation is based
on Diceware.Throwing the dices though, is simulated by random generators. Choose 'throwing' based on a true random generator
on Internet or based on a local pseudo generator to stay offline.
v 2.0 is out! (May 29,2014) Many improvements including unique day 1 recovery
v2.1 is out! (Aug 28, 2014) Better standard reporting including defeating the lower case only fairytale, and unique is wordlist
collision detection. The 4 word phrase 'car pet nor ma' contains only 2 words 'carpet norma'
Sample Analysis Standard Mode
The current passphrase is: wadi attack overt wire
When used as WiFi key, the passphrase
could be recovered off-line in 1.2 centuries on average.
Assumed recovery hardware etc.: WiFi,
If a site stores the phrase as a SHA512crypt hash, the phrase could be recovered in 4.8 centuries
Assumed recovery hardware: Slow hash/Prof Hw, 25 GPUs
When sniffed as a NTLM-password on a Windows network, the phrase
can be recovered in 4.0 hours on average!
Assumed recovery hardware: Fast hash/Prof Hw, 25 GPUs
trial logins on sites that do not limit faulty logins, could succeed in 1739 centuries on average.
online logins: 1000 x /sec
When used as WiFi key, agencies employing a 512 GPU-array,, could recover it in: 1.9 year on
average! Assumed hardware: 512 top GPU array, '8 ->512 performance estimated'. A 5 word Phrase would take
Only lowercase letters? Smart brute force (letters only) will recover the phrase in: 6E+17 centuries on
Assumed hardware: Fast hash/Prof Hw, 25 GPUs,NTLM
Innovation through IT
I T U R A