Estimate crack time for password hashes based on hash algorithm and hardware hash rate. Compare MD5, SHA-256, bcrypt, and Argon2 speeds.
The hash algorithm used to store a password is the single biggest factor in how quickly an attacker can crack it offline. Fast algorithms like MD5 allow modern GPUs to compute over 100 billion hashes per second, while memory-hard algorithms like Argon2 reduce throughput to mere thousands. This calculator lets you select a hash algorithm, specify a keyspace, and see how long cracking takes at the algorithm's real-world hash rate.
This comparison is essential for security architects choosing password storage algorithms and for penetration testers estimating crack feasibility. By seeing the concrete time difference between MD5 and bcrypt for the same password, the case for proper password hashing becomes crystal clear.
Many legacy systems still use fast hashes like MD5 or SHA-1 for password storage. This calculator demonstrates, in concrete time estimates, the enormous difference proper hashing algorithms make. It helps justify migration efforts and algorithm selection decisions to both technical teams and management. Having accurate metrics readily available streamlines incident postmortems, architecture reviews, and technology roadmap discussions with engineering leadership and product teams.
Keyspace = Charset ^ Length. Crack Time = Keyspace / (Hash_Rate × GPU_Count). Average = Crack_Time / 2. Hash rates per GPU: MD5 ≈ 150B/s, SHA-256 ≈ 10B/s, bcrypt(12) ≈ 50K/s, Argon2id ≈ 1K/s.
Result: 1,363 years (average)
An 8-character full-charset password has 95⁸ ≈ 6.63 trillion combinations. Against bcrypt (cost 12) at 50,000 hashes/s per GPU, the average crack time exceeds 1,363 years. The same password stored as MD5 would fall in about 22 seconds, showing a 2-billion-fold improvement from proper hashing.
The speed difference between hash algorithms spans many orders of magnitude. A single RTX 4090 GPU can compute ~150 billion MD5 hashes per second but only ~50,000 bcrypt hashes at cost 12. This 3-million-fold difference is why algorithm selection is the most impactful password security decision.
bcrypt slows down computation, but because it needs little memory per hash it can still be parallelized on GPUs despite their limited memory per core. Argon2 and scrypt require significant memory (64 MB+ per hash), which severely limits GPU parallelism because GPU cores share limited VRAM. This makes Argon2 the best choice for new implementations.
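If your system currently uses MD5 or SHA for passwords, plan a migration. A common approach is to wrap existing hashes: bcrypt(MD5(password)). Because the wrap is computed over the stored MD5 digest, it can be applied to every account at once without knowing any password. On each user's next login, when the plaintext password is available, rehash directly with bcrypt. This provides immediate protection without requiring all users to change passwords.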
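The wrap-then-rehash migration described above, as an added example that is not from the original page. It assumes `hashlib.scrypt` as a standard-library stand-in for bcrypt; the record layout, the scheme labels and all function names are hypothetical.

```python
import hashlib
import hmac
import os

def slow_hash(data: bytes, salt: bytes) -> bytes:
    # Assumption: scrypt stands in for bcrypt so only the standard library
    # is needed; n/r/p are illustrative, not tuned for production.
    return hashlib.scrypt(data, salt=salt, n=2**14, r=8, p=1, dklen=32)

def md5_hex(password: str) -> bytes:
    # Hex digest rather than raw bytes: a raw digest can contain NUL bytes,
    # which bcrypt implementations commonly treat as end of input.
    return hashlib.md5(password.encode()).hexdigest().encode()

def wrap_legacy(md5_digest_hex: str) -> dict:
    """Bulk step: wrap a stored MD5 digest; no password is needed."""
    salt = os.urandom(16)
    return {"scheme": "slow(md5)", "salt": salt,
            "hash": slow_hash(md5_digest_hex.encode(), salt)}

def new_record(password: str) -> dict:
    salt = os.urandom(16)
    return {"scheme": "slow", "salt": salt,
            "hash": slow_hash(password.encode(), salt)}

def login(db: dict, user: str, password: str) -> bool:
    rec = db.get(user)
    if rec is None:
        return False
    if rec["scheme"] == "slow(md5)":
        candidate = slow_hash(md5_hex(password), rec["salt"])
    elif rec["scheme"] == "slow":
        candidate = slow_hash(password.encode(), rec["salt"])
    else:
        return False  # unknown or still-unwrapped record: refuse
    if not hmac.compare_digest(candidate, rec["hash"]):
        return False
    if rec["scheme"] == "slow(md5)":
        db[user] = new_record(password)  # plaintext is available only here
    return True

def demo_db() -> dict:
    # Constructed sample row: the MD5 hex digest an old table would hold.
    legacy = {"alice": hashlib.md5(b"correct horse").hexdigest()}
    return {user: wrap_legacy(digest) for user, digest in legacy.items()}
```

Storing the scheme label with each record is what lets both formats coexist until every active user has logged in once.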
GPU hash rates roughly double every 2–3 years. Plan for this by choosing algorithms and parameters that provide at least 10 years of security margin.
Hash rate is the number of hash computations a device can perform per second. It depends on the hash algorithm's computational complexity and the hardware's processing power. Fast algorithms have high hash rates (bad for passwords), while slow algorithms have low hash rates (good for passwords).
MD5 was designed as a general-purpose hash for data integrity, not password security. It uses simple mathematical operations that GPUs can parallelize extremely efficiently. It was never intended to slow down attackers, which is why it's unsuitable for password storage.
Use the highest cost factor that keeps login latency acceptable (typically under 250ms). In 2026, a cost factor of 12–14 is common. Test on your production hardware and increase the factor periodically as hardware improves.
Argon2 is memory-hard, meaning it requires significant RAM per computation. This makes it resistant to GPU and ASIC attacks because these devices have limited memory per processing core. bcrypt is only CPU-intensive, so GPUs can still achieve moderate parallelism.
Salts prevent precomputation attacks (rainbow tables) but do not reduce per-hash computation speed. A salt forces the attacker to compute each hash uniquely for each user, but the per-attempt speed remains the same.
Yes. The keyspace and hash rate concepts apply to any brute-force scenario: cracking encryption keys, nonces, tokens, or any secret with a finite search space. Just adjust the keyspace and hash rate accordingly.