Are Your Passwords in the Green?
It’s here! And it’s bigger than ever.
The 2025 Hive Systems Password Table - the chart trusted by universities, featured across major news outlets, and shared by thousands of companies worldwide - has arrived!
Want to know how we calculated it and why the math matters more than ever? Keep reading.
Prefer a quick breakdown instead?
Hang tight. Our Hive Live episode explaining it drops in May!
Since 2020, we’ve been on a mission to crack the code - literally - on passwords. Our Hive Systems Password Table shows just how fast a hacker can brute-force your password… but what you see in the table is just the tip of the iceberg.
Curious how we actually build it? You’re in the right place. It’s way more than just pretty colors (although yes, there’s a version that’s completely purple - and yes, it’s glorious 😱).
Let’s dive into the data, the assumptions, and all the behind-the-scenes work that makes this table more than meets the eye (cue Transformers theme song).
Got a question or comment? Leave a comment below, or message us on social media!
“So how'd you make the table?”
How It Started vs. How It's Going
In 2020, we first shared our Password Table, based on data from www.howsecureismypassword.net (now run by the folks at security.org) and assembled by Mike Halsey, Microsoft MVP. That data looked at the relative strength of a hashed password against a cracking attempt, based on the password’s length, complexity, the hashing algorithm used by the victim, and the hardware used by the attacker.
2020 hardware: 1 x RTX 2080 | 2020 password hash: MD5
In 2022, we dove in deeper on the data and hardware used to create a more accurate picture. The data in that table was based on how long it would take a consumer-budget hacker to crack your password hash using a desktop computer with a top-tier graphics card and then how long an organized-crime-budget hacker would take leveraging cloud computing resources. We looked at big name providers like Amazon AWS and Microsoft Azure but also the growing non-corporate options where you can rent a person’s computer at cost per hour.
2022 hardware: 8 x A100 | 2022 password hash: MD5
In 2023, we updated our cracking hardware to the latest and greatest, including that of the internet darling ChatGPT, and opted for a more realistic set of special characters in our testing: since most websites only accept ^*%$!&@#, we dropped the rest. That only impacted the right-most column of the table.
2023 hardware: 12 x RTX 4090 | 2023 password hash: MD5
In 2024, we took a look at what hashing (if any) had been observed in password breaches over the years and based on recent data and trends, moved from assuming MD5 to assuming bcrypt. For bcrypt, we also set it to 32 iterations. We stuck with 12x RTX 4090s because that still appears to be the best consumer accessible hardware configuration that won’t block you from running tools used for brute forcing passwords. We also started offering the Password Table in multiple languages!
2024 hardware: 12 x RTX 4090 | 2024 password hash: bcrypt set to the default of 5 i.e. 32 iterations of hashing
This year (2025), we’re on our second year of bcrypt but this time moving from the hashcat default bcrypt strength settings to the bcrypt strength levels people seem to use most in the wild. NVIDIA finally released a new consumer graphics card, the RTX 5090. To simulate a fairly successful hacker we once again assumed not one but twelve RTX 5090s.
2025 hardware: 12 x RTX 5090 | 2025 password hash: bcrypt set to 10 i.e. 32,768 iterations of hashing
Obligatory primer on hashing
In the context of passwords, a “hash” is a scrambled version of text that is reproducible if you know what hash software was used. In other words, if your friend hashes the word “password” using MD5 hashing, the output hash will be 5f4dcc3b5aa765d61d8327deb882cf99. Now if you hash the word “password” using MD5 hashing, you’ll also get 5f4dcc3b5aa765d61d8327deb882cf99! You and your friend both secretly know the word “password” is the secret code, but anyone else watching you just sees 5f4dcc3b5aa765d61d8327deb882cf99. Passwords are stored on servers as hashes like this instead of in plain text like “password.” That way, if someone steals the database all they can see are these hashes, not the passwords that made them.
You can’t do the reverse. A hash digest like 5f4dcc3b5aa765d61d8327deb882cf99 can’t be reversed to recover the word “password” that was used to make it. Hashing software is a one-way street by design. The way that hackers solve this problem is by “cracking” the passwords instead. In this context, “cracking” means making a list of all combinations of characters on your keyboard and then hashing them. Then you look for matches between the list and a breached database of password hashes. You can do that with any computer, but it is much faster if you accelerate the process with a powerful graphics card.
Graphics cards are those circuit boards that stick out of your computer’s bigger green circuit board. Among other things, this special circuit board has a GPU on it. A GPU is the shiny square tile on your graphics card that maybe says NVIDIA or AMD on it. GPU stands for graphics processing unit – they were built to make pictures load faster on your computer screen (or mine cryptocurrency if that’s your thing). As it turns out, they’re also great at calculating hashes. A popular application for hashing is called Hashcat. Hashcat includes hashing software like bcrypt and allows you to try not just bcrypt but thousands of others and see how fast it was able to do so. We usually say “hash function” instead of “hash software.”
When shopping for a graphics card or cloud GPU, you’re given “calculations per second,” usually in “floating point operations per second” (FLOPS). The FLOPS measure doesn’t take into account the unique properties of hashing algorithms, password character composition, and the hardware “around” the graphics card like your motherboard, CPU, and RAM. Fortunately, hashcat made it easy for password recovery experts to automate testing their hardware on real hashing exercises and then log the results to share. The result is an ever-growing dataset of observed hashing performance using various hardware and hashing approaches called “benchmarks”.
“So how much difference does GPU power make in terms of cracking time?”
Assuming the 8-character absolute bare-bones minimum password recommendation from NIST is used and a strong hash implementation is used (in this case bcrypt with a work factor of 10), it looks like this:
Max time required to crack randomly generated 8-character bcrypt work factor 10 password hashes of various complexity on different hardware.
So even with benefit-of-the-doubt bcrypt hashes using work-factor 10, we’re still talkin’ a few months TOPS if you have lots of cash. But for most budgets, a few hundred years is great! Especially at bcrypt’s price tag of $0.00, but remember; that assumes the password is randomly generated.
“So how did you pick just one of these to be the 2025 Password Table?”
We reviewed password data breaches from 2007 to present (constantly making updates to present and historical events), as reported on by HaveIBeenPwned.
In terms of the number of credentials breached, regardless of source, this is what it looks like as of April 2025:
The count of passwords breached, regardless of source, colored by hash type.
Data from www.haveibeenpwnd.com
But what most people probably care about more is which hashing algorithm is used on most websites. After all, we don’t usually create more than one account on a particular website/service, we create one account across many websites/services. Plus the results in the plot above get skewed by sketchy low security websites with tons of throwaway accounts that we probably don’t care about getting breached.
The count of whole password datasets breached, colored by hash type.
Data from www.haveibeenpwnd.com
MD5 reigned supreme for many years but bcrypt eventually took the lead.
Password storage solutions like LastPass, 1Password, and Bitwarden use the hashing approach called PBKDF2, built on a stronger hash than MD5: SHA-256. Even NIST recommends PBKDF2 SHA-256. But as we’ve seen, things look different “in the wild.” Breached password hashes from Dropbox, Ethereum, MyFitnessPal and DataCamp all used bcrypt instead of a key derivation function like PBKDF2. Bcrypt also may be the more secure option in terms of the resources required to crack it.
Like in previous years, we stuck with a stack of the latest/greatest consumer GPU. So with that, the 2025 Hive Systems Password Table is based on the power of the RTX 5090 with 12 GPUs against bcrypt.
“But bcrypt comes in a lot of flavors/configurations - so what did you use?”
Bcrypt is timeless because it lets you set a “work factor” that you can increase as cracking hardware gets better. The default work factor in hashcat (a work factor of 5) doesn’t really reflect what’s used in real life. We looked at the out-of-the-box bcrypt settings in various popular technology stacks to see what’s safe to assume. For example:
Stack | Default | bcrypt rounds (work factor) |
---|---|---|
OpenBSD | bcrypt has been the default password scheme since version 2.1. | 10 |
Laravel | The Laravel framework uses bcrypt as the default hashing algorithm. | 12 |
PHP | PHP's password_hash() function uses bcrypt as the default algorithm. | 12 |
Auth0 | Auth0 also employs bcrypt for password hashing, as stated in their blog. | 10 |
SuperTokens | SuperTokens uses bcrypt by default. | 11 |
In our testing we assumed and set a work factor of 10, to err on the side of a realistic worst case based on the numbers above and other research into default settings across other apps and libraries.
“Ok but what about salting?”
Like Argon2id and PBKDF2, bcrypt automatically salts the passwords, so no additional steps or salt values are required when implementing them, other than setting the work factor (number of rounds).
“Neat. So what if my password has been previously stolen, uses simple words, or I reuse it between sites?”
Our password table focuses on the idea that the hacker is working in a “black box” situation and is having to start from scratch to crack your hash in order to show the “worst case” or “maximum time required.” Most hackers will prioritize which words and strings of characters they’ll work on first through the use of rainbow tables, dictionary attacks, and previously stolen hashes. If your password was part of another breach or uses dictionary words then your password table looks like this:
Password table if your password has been previously stolen, uses dictionary words, or if you reuse it between websites.
“Ok I’m with you. But AI uses some expensive and powerful computing power. What if hackers got a hold of that to crack passwords?”
Love the way you’re thinking! So there are a couple of things at play here: there’s the hardware that trained ChatGPT and then there’s the hardware that runs ChatGPT (called inference). According to OpenAI (who runs ChatGPT) it looks like this:
Hardware that trained ChatGPT-3 was noted as 10,000 A100 GPUs
Hardware that trained ChatGPT-4 was noted as 20,000 A100 GPUs
Hardware that runs ChatGPT-3/4 was noted as a combo of A100s and H100s, though numbers were only noted as “thousands”
We couldn’t get our hands on 20,000 A100s (or 10,000 for that matter) to run a test, but we can infer the result because hashes per second scale linearly with FLOPS. FLOPS are the advertised “calculations per second” that GPU manufacturers print on the box. Hashes per second are the results of actual hashing exercises using hashcat. In other words, they differ, but they differ consistently.
So if you’re wondering how much more powerful that is than traditional setups, it is LIGHTYEARS ahead as you can see on this graph:
Comparison of several GPUs calculations per second and bcrypt hashes per second with a trend line for H/s.
So what happens when we take this UNLIMITED POWAH and put it up against bcrypt? Well, that green gets squished a bit and that purple gets a little bigger (not good). So in the same order as our list above, here’s our Password Table using the hardware behind ChatGPT against bcrypt (10):
10,000 x A100 which is the same hardware that trained ChatGPT-3
20,000 x A100 which is the same hardware that trained ChatGPT-4
12 x H200 which is a fraction of the hardware that’s likely used to run ChatGPT (aka inference) but look at that SPEED!
“Well that’s a little concerning. Speaking of, what ever happened with that LastPass breach a while back?”
Excellent memory! We made a password table for that! Examining the LastPass Breach Through our Password Table. As part of it, we suggested that you perform a risk assessment and ensure your risk modeling technique includes modeling the risk of security controls themselves.
On the question of “aren’t I putting all of my eggs in one basket,” we think Daniel Miessler said it best on his blog My Philosophy and Recommendations Around the LastPass Breaches,
In short, all companies can be hacked, including companies like LastPass, and it’s much better to have your most sensitive assets with a large company that has nearly infinite security resources to detect and respond when it inevitably happens.
Fast forward to 2025 and you have cybersecurity investigative reporter Brian Krebs arguing that Feds Linked a $150M Cyberheist to 2022 LastPass Hacks. If that were true, it would mean the stolen LastPass hashes were cracked in just 2.5 years, which is BAD NEWS.💀
“OK but surely that’s not ALL of the passwords? Some of the ones in your table show trillions of years?”
Good call again! Our current password table used bcrypt, but let’s reset the table to look at the hashing algorithm LastPass uses: PBKDF2 SHA256. They use this for hashing master passwords for LastPass accounts, but didn’t suggest users ratchet up their LastPass extension iteration setting from the default of 5,000 iterations to a minimum of 600,000 until after the breach.
Assuming the attackers acquired the LastPass database, and that the 6-figure crypto goons hadn’t adjusted the LastPass default iterations, a randomly generated LastPass master password would break down to something like the table below, as the maximum amount of time required. But note that if the attackers were very lucky they could randomly generate the password on their first try, so this represents the WORST CASE scenario.
All of the passwords that could have been brute forced in the past 2.5 years from LastPass based on their use of the PBKDF2 SHA256 hash at 5,000 iterations.
We should note of course that if the master password was not randomly generated it would have taken much less time (remember the Password Table from up above?). Attackers would start with words they know their targets might use and start with those instead of randomly generating strings - again meaning the times could be lower OR they could have cracked passwords more complicated than the ones we noted above. Science is cool!
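What the iteration setting means in practice, as an added example in Python using the standard library (not LastPass’s or Hive Systems’ code): PBKDF2-HMAC-SHA256 derives the verifier, the iteration count is stored beside the salt so a record created at 5,000 iterations can be re-derived at the 600,000 minimum the next time the user logs in, and the ratio of the two counts is the factor by which every attacker guess gets more expensive. The record layout and function names are assumptions for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

DEFAULT_ITERATIONS = 5_000      # the pre-breach LastPass extension default the page cites
RECOMMENDED_MINIMUM = 600_000   # the minimum the page says LastPass later suggested

def derive_key(password: str, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256 with a 32-byte output, the construction the page attributes to LastPass."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=32)

def make_record(password: str, iterations: int = RECOMMENDED_MINIMUM) -> dict:
    """Store salt and iteration count beside the derived key so the count can be raised later."""
    salt = os.urandom(16)
    return {"salt": salt, "iterations": iterations, "key": derive_key(password, salt, iterations)}

def verify(record: dict, password: str) -> bool:
    """Constant-time comparison of the re-derived key against the stored one."""
    candidate = derive_key(password, record["salt"], record["iterations"])
    return hmac.compare_digest(candidate, record["key"])

def verify_and_upgrade(record: dict, password: str, minimum: int = RECOMMENDED_MINIMUM) -> Optional[dict]:
    """On a successful login, re-derive at the current minimum if the stored count is below it.

    Returns the (possibly upgraded) record, or None when the password is wrong. The plaintext
    is only available at login, so this is the one moment a stored record can be upgraded.
    """
    if not verify(record, password):
        return None
    if record["iterations"] >= minimum:
        return record
    return make_record(password, minimum)

def relative_guess_cost(old_iterations: int, new_iterations: int) -> float:
    """Each guess costs `iterations` HMAC calls, so worst-case crack time scales by this factor."""
    return new_iterations / old_iterations

if __name__ == "__main__":
    # Constructed sample: a vault record created under the old 5,000-iteration default.
    legacy = make_record("correct horse battery staple", DEFAULT_ITERATIONS)
    upgraded = verify_and_upgrade(legacy, "correct horse battery staple")
    print(f"stored at {legacy['iterations']:,} -> upgraded to {upgraded['iterations']:,} iterations")
    print(f"attacker cost per guess rises {relative_guess_cost(DEFAULT_ITERATIONS, RECOMMENDED_MINIMUM):.0f}x")
```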
“Ok but what’s the deal with these huge numbers?”
Different countries, regions, and schools of thought use different abbreviations for numbers. The password table uses the following:
Table Abbreviation | Word | Value |
---|---|---|
k | thousand | 1,000.00 |
m | million | 1,000,000.00 |
bn | billion | 1,000,000,000.00 |
tn | trillion | 1,000,000,000,000.00 |
qd | quadrillion | 1,000,000,000,000,000.00 |
qn | quintillion | 1,000,000,000,000,000,000.00 |
sx | sextillion | 1,000,000,000,000,000,000,000.00 |
spt | septillion | 1,000,000,000,000,000,000,000,000.00 |
oct | octillion | 1,000,000,000,000,000,000,000,000,000.00 |
non | nonillion | 1,000,000,000,000,000,000,000,000,000,000.00 |
dec | decillion | 1,000,000,000,000,000,000,000,000,000,000,000.00 |
Limitations of our work
Cracking passwords this way assumes that the attacker has acquired a hash digest of one or more passwords, such as those found in password data breaches on HaveIBeenPwned.
The implied attack assumes that MFA is not used or has been bypassed. If you can get access to download the encrypted database, like what happens with most password databases that are stolen, you don’t need to deal with MFA (or those pesky password lockouts) when making attempts thereafter.
These metrics assume that passwords are randomly generated. Non-randomly generated passwords are much easier and faster to crack because humans are fairly predictable. As such, the time frames in these tables serve as a “best case” reference point. Passwords that have not been randomly generated would be cracked significantly faster.
These metrics assume you’re using a password that has not been part of a breach in the past. Attackers will try hashes to all common and breached passwords before bothering to crack new ones.
Hashing a bunch of potential passwords via character combos is only one step to “cracking.” The second step is basically doing a ctrl+f for matches between the hashed strings and the breached hashed password dataset. We assume that this lookup requires a trivial amount of additional computation and time.
The password breaches that make it to HaveIBeenPwned’s hall of shame may not be representative of all the breaches that happen but that nobody hears about. There may be selection and survival bias filtering out cases before they make it on there. For example LastPass had a big scary breach but they still haven’t appeared on HaveIBeenPwned because the actual data hasn’t been shared publicly. It may also be that when people use strong enough encryption, they don’t bother sharing or selling the dataset because nobody will buy it or bother cracking it.
We don’t include all QWERTY keyboard symbols. The symbols most commonly accepted on most websites, and generated by most password generators, are limited to ^*%$!&@#, so that’s what we include in our calculations. That choice only impacts the right-most column of our tables. In other words, we excluded the symbols crossed out in the following table:
Encoding | Alias | Character Range | Characters |
---|---|---|---|
ASCII | Lowercase | a-z | 26 |
ASCII | Uppercase | A-Z | 26 |
ASCII | Numbers | 0-9 | 10 |
ASCII | Symbols A | ^*%$!&@# | 8 |
Acknowledgements
Thank you to the over 6 million of you who have seen, read, and shared our work!
Thank you everyone who commented on last year’s Password Table here on the site, on Reddit, YouTube, via email and everywhere else! It helps us continue to make the table relevant and improves our research every year.
Thank you to multiple people for assisting with translating the Password Table into multiple languages. If you’d like to see the Password Table in your language, please contact us.
Thank you @Chick3nman512 for another year of answering our questions and sanity checking our hashcat results!
References
Hashes per second (H/s) benchmarks were either generated by Hive Systems using hashcat on local hardware or cloud rentals.
We obtained GPU hardware specs from the manufacturer or www.techpowerup.com/gpu-specs.