 TheNut
join:2004-12-19
Thornhill, ON
 ·Distributel Cable
| reply to TT12
Re: How Long It Takes to Break a WPA Key? For brute force attacks, there’s a formula you can use to determine how probable it is to find your key.
P = (L * R) / S
where,
P = Probability (between 0 and 1 [0% and 100%])
L = Maximum password lifetime
R = Login attempt rate
S = Size of password space
Using your example of 20 random key values (assume: a-z, A-Z, 0-9 = 62 possible characters), assume you change your key once a year (31536000 seconds), and assume the hacker is capable of trying 1,000,000 passwords a second.
P = ?
L = 31536000 seconds
R = 1,000,000 logins
S = 62^20 = 7.0 * 10^35
P = (31536000 * 1,000,000) / (7.0 * 10^35)
P = 4.5 * 10^-23
That’s a VERY small number. Basically it’s saying that the odds of someone guessing your password within a year is close to 0%. If you include other possible letters like ~, !, @, and so forth, that number gets even smaller.
Now let’s reverse the math. How many passwords per second would a hacker need in order to hack your key in a reasonable amount of time? Let’s say he wants to hack you within a day.
P = 1
L = 86400 seconds
R = ?
S = 7.0 * 10^35
P = (L * R) / S
R = (P * S) / L
R = 8.1 * 10^30 logins / second
A hacker would need to try 8.1 * 10^30 passwords a second in order to guarantee a password by the end of the day. Suffice to say, we’re far from being able to process at such speeds. |
