Brute-Force vs. Argon2: How Secure Are Your Passwords?
At first glance, the figures from cybersecurity firm Hive Systems look alarming. As Heise reports, passwords with just eight lowercase letters, hashed with bcrypt, can be cracked in a matter of weeks – if powerful GPUs like the Nvidia RTX 5090 or even A100 are used. But these figures require context.
Why are passwords hashed?
Passwords should never be stored in plaintext. Instead, password hashing algorithms like bcrypt or Argon2 are used. These generate a hash value from the password that cannot be reversed. But if a password has low entropy – for example, because it’s short or easy to guess – attackers can try all possible combinations. This process is known as a brute-force attack. In practice, these attacks often use so-called wordlists, containing real passwords from past data breaches.
To even attempt such an attack, an attacker must first gain access to the hashed passwords – for example, via a successful cyberattack, data leak, or misconfigured database. Unfortunately, such incidents are common: In recent years, even major platforms like LinkedIn, Dropbox, and Adobe have been compromised. As a result, millions or even billions of password hashes have circulated.
Attackers often end up with actual login data: an email address, the cracked password, and at least one service where this combination worked. When such a breach becomes public, many services prompt users to change their passwords – which is necessary and right. But one thing often goes unnoticed: many users reuse the same email-password combination across multiple platforms. This reuse presents a real risk: it enables attackers to launch automated attacks on additional user accounts – so-called credential stuffing attacks.
Why are GPUs so effective at cracking passwords?
GPUs are optimized for parallel computations. While CPUs have 8 or 16 cores, modern GPUs have thousands of computing units. This means billions of password candidates can be processed simultaneously. With traditional, memory-light hash functions like bcrypt, this leads to a massive performance gain for attackers.
Memory as a weapon against brute-force: Enter Argon2
This is where Argon2 comes in. This modern standard is designed to be both computationally and memory intensive. A typical configuration uses several hundred megabytes to multiple gigabytes of RAM per hash. This severely limits parallelism.
Example: How memory slows attackers down
If a password hash with Argon2id requires 2 GiB of RAM, a GPU with 32 GiB of VRAM can compute at most 16 hashes simultaneously. With bcrypt, that number would be in the thousands. The memory bound severely limits throughput per GPU – and nearly neutralizes the GPU’s speed advantage.
Which Argon2 variant is recommended?
Argon2 comes in three variants: Argon2d, Argon2i, and Argon2id. The recommended variant is Argon2id as it resists side-channel attacks and is well-suited to defending against GPU-based brute-force attempts. Even the German BSI recommends memory-intensive hash functions like Argon2id.
Argon2 Parameters (example values):
- Memory (RAM): at least 512 MiB (better: 1–2 GiB)
- Iterations (Time cost): minimum of 3
- Parallelism (Threads): 1–4 depending on the system
What can users do?
Users often can’t control how their passwords are stored server-side. But they can check that tools like KeePassXC or Bitwarden use Argon2id with high memory requirements for internal encryption.
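The example parameter values above and the advice to check what a tool actually uses can be combined into an audit of stored hashes. The following is an added example, not code from the article or from Identeco: it parses the PHC string that libargon2 and its bindings emit (`$argon2id$v=19$m=<KiB>,t=<iterations>,p=<threads>$<salt>$<hash>`) and reports where a record falls short of the article's values; the sample records are constructed placeholders, and the thresholds are the article's example values rather than an official minimum.

```python
import base64
import re
from collections import namedtuple
from typing import List, Optional

# Policy taken from the article's example values: Argon2id, >= 512 MiB, >= 3 iterations, 1-4 threads.
MIN_MEMORY_KIB = 512 * 1024
MIN_TIME_COST = 3
PARALLELISM_RANGE = range(1, 5)

# PHC layout written by libargon2: $argon2id$v=19$m=<KiB>,t=<iterations>,p=<threads>$<salt>$<hash>,
# with salt and hash as unpadded standard base64.
_PHC_RE = re.compile(
    r"^\$(?P<variant>argon2(?:id|i|d))\$v=(?P<version>\d+)"
    r"\$m=(?P<m>\d+),t=(?P<t>\d+),p=(?P<p>\d+)"
    r"\$(?P<salt>[A-Za-z0-9+/]+)\$(?P<hash>[A-Za-z0-9+/]+)$"
)
Argon2Params = namedtuple("Argon2Params", "variant version memory_kib time_cost parallelism")

def parse_argon2(encoded: str) -> Optional[Argon2Params]:
    """Parse an Argon2 PHC string; return None for anything else (bcrypt '$2b$...', MD5, plaintext)."""
    m = _PHC_RE.match(encoded)
    if not m:
        return None
    return Argon2Params(m["variant"], int(m["version"]), int(m["m"]), int(m["t"]), int(m["p"]))

def policy_findings(encoded: str) -> List[str]:
    """List every way a stored hash falls short of the policy; an empty list means it complies."""
    p = parse_argon2(encoded)
    if p is None:
        return ["not an Argon2 PHC string (e.g. bcrypt, MD5 or plaintext)"]
    findings = []
    if p.variant != "argon2id":
        findings.append(f"variant {p.variant}: use argon2id")
    if p.memory_kib < MIN_MEMORY_KIB:
        findings.append(f"memory {p.memory_kib // 1024} MiB below {MIN_MEMORY_KIB // 1024} MiB")
    if p.time_cost < MIN_TIME_COST:
        findings.append(f"time cost {p.time_cost} below {MIN_TIME_COST}")
    if p.parallelism not in PARALLELISM_RANGE:
        findings.append(f"parallelism {p.parallelism} outside 1-4")
    return findings

# Constructed sample records: placeholder salt/hash bytes, not the output of a real hashing run.
_SALT = base64.b64encode(b"constructed_salt").decode().rstrip("=")
_TAG = base64.b64encode(bytes(32)).decode().rstrip("=")
SAMPLE_STRONG = f"$argon2id$v=19$m={1024 * 1024},t=3,p=4${_SALT}${_TAG}"  # 1 GiB, t=3, p=4
SAMPLE_WEAK = f"$argon2i$v=19$m=4096,t=1,p=1${_SALT}${_TAG}"  # 4 MiB, t=1, Argon2i
SAMPLE_BCRYPT = "$2b$12$" + "placeholder" * 5  # bcrypt-shaped placeholder, not a real hash
```

Run `policy_findings()` over each record of a dumped user table; records that return a non-empty list are the ones to migrate to Argon2id on the user's next login.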
How does Argon2 differ from bcrypt?
| Feature | bcrypt | Argon2id |
|---|---|---|
| Memory usage | very low | high (hundreds of MB to GB) |
| GPU protection | weak | very strong |
| Side-channel protection | moderate | high |
| BSI recommendation | outdated | recommended |
Why strong passwords still matter
Even the best hash function won’t help if the password itself is weak. Four-digit PINs (10,000 combinations) or passwords from wordlists can be cracked quickly even with Argon2. Therefore:
- Use long and complex passwords (e.g., >12 characters with symbols)
- Use a unique password for each service
- Use a password manager
- Enable Multi-Factor Authentication (MFA) wherever possible
Check your password security
With services like the Identeco Leak Inspector, you can check if your email has appeared in known data breaches. This helps detect compromised credentials early.
Frequently Asked Questions (FAQ)
What is the difference between bcrypt and Argon2?
Argon2 is more modern, memory-intensive, and far harder for GPUs to crack than bcrypt.
Which Argon2 variant is the most secure?
Argon2id, as it combines the strengths of Argon2d and Argon2i.
How can I check if my password has been leaked?
Use tools like Identeco Leak Inspector or Leakchecker Uni Bonn.
What are good parameters for Argon2?
At least 512 MiB of RAM, 3 iterations, and 1–4 threads. Adjust depending on your system.