Her şey tarayıcınızda kalır. Parola yok. Hesaplama tamamen yerel. Tek dış istek anonim bir sızıntı kontrolü (5 ilk hash SHA-1 karakterleri, asla şifre yok).

Bilimsel kaynaklar

Time2Crack kriptografi, bilgisayar güvenliği ve şifre kuvveti tahminlerinde akademik araştırmalara dayanmaktadır. Bu sayfa, algoritmalarımızı, değerlendirme yöntemlerimizi ve kalibrasyonlarımızı doğrulayan bilimsel kaynakları listeler.

İçerik tablosu

Hızlı navigasyon

Bölüm 1: Şifre Gücü Tahmini

Şifre gücü

Wheeler, D.L. (2016). zxcvbn: Low-Budget Password Strength tahmin. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In 25. ABD Güvenlik Sempozyumu Bildirileri 157-173. USENIX Association. https://www.usenix.org/system/files/conference/usenixsecurity16/sec16 kağıt tekerleği.pdf
Relevance: Şifre kuvvetinin gerçekçi tahminleri için metodolojiyi keşfedin. Wheeler (2016) entropi bazlı metrenin (NIST, OWASP) enestimate güvenliği önemli ölçüde fazla olduğunu belirtiyor. Time2Crack bu yaklaşımı takip eder: Bilinen en iyi saldırının maliyetini tahmin edin, teorik entropi değil.
Pasquini, D., Sürekli olarak, A., Durmuth, M., & Buscher, M. (2021). Bias'ı Ağaç tabanlı modeller için Real-World Password Strength'u modellemek. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In 30. USENIX Güvenlik Sempozyumu 3007-3024). USENIX Association. https://arxiv.org/pdf/2105.14170.pdf
Relevance: Şifre güç modellerinde önyargıların eleştirel analizi. Veri kümesi önyargı sonuçları gösterir. Time2Crack rockyou2021 (32.6M ağırlıked password) kullanır. Bu önyargıyı en aza indirmek için.
Bölüm 2: Metriks Değerlendirme

Değerlendirme yöntemleri

Wang, D., & Ding, S. (2023). No Single Silver Bullet: Parola Güçlü Ölçümlerin doğruluğunu ölçmek. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In 32. USENIX Güvenlik Sempozyumu 2575-2592). USENIX Association. https://www.usenix.org/system/files/sec23fall-prepub-291 wang-ding.pdf
Relevance: Büyük karşılaştırmalı çalışma (USENIX 2023) 14 gerçek veri kümesinden 12 şifre gücü metre uzakta. Bunu belirleyin:
  • Ağırlıklı Spearman korelasyonu Doğruyu değerlendirmek için standart metriktir
  • Bilimsel hedef: > 0.85 İyi kalibrasyon için
  • Hiçbir metre uzlaşma olmadan var (zxcvbn: ρ=0.76, Hive Systems: ρ=0.68)
Time2Crack genel olarak . > 0.80 hedefliyor.
Golla, M., & Dürmuth, M. (2018). Şifre Güçlü Ölçümler konusunda. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In Bilgisayar ve İletişim Güvenliği Konferansı'nın 25. ACM Bildirileri (pp. 1567-1580). ACM. https://maximiliangolla.com/files/2018/papers/ccsf285-finalv3.pdf
Relevance: Parola gücü metre (2018) için sistemsel değerlendirme çerçevesi. Tavsiye: Spearman korelasyon + Kullback-Leibler çevrimdışı saldırılar için farklılaşıyor. Time2Crack bu iki metrikleri içerir.
Castelluccia, C., Durmuth, M., & Perito, D. (2017). Markov modellerinden gelen Adaptif Şifre-Strengthometreler. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In NDSS Sempozyumu Bildirileri. Internet Society. https://www.nds-symposium.org/wp-content/uploads/2017/09/06 3.pdf
Relevance: Açıklamalar metric α-Gueswork (Gα) : Şifre oranı G girişimleri ile kırıldı. Modelin pratik güvenliğini değerlendirin.
Bölüm 3: Saldırı Modelleri

Saldırı modelleri

Ma, J., Yang, W., Luo, M., & Li, N. (2014). Probabilistic Password Modelleri Çalışması. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In Güvenlik ve Gizlilik Üzerine 35. IEEE Sempozyumu Bildirileri (pp. 689-704). IEEE. https://www.ieee-security.org/TC/SP2014/papers/A%20Study%20of%20Probabilistic%20Password%20Models.pdf
Relevance: Olasılıksal modeller (Markov, PCFG, sinir). Kelimelerin kombinasyonu ile saldırıların naif formüller tarafından hafife alındığını belirler (multiplication = yanlış bağımsızlık hipotezi). Time2Crack bunu rockyou Ampibration ile doğrular.
Dürmuth, M., Brostoff, S., & Oprea, A. (2015). Web Uygulamalarının Zorlanması Kurallarına rağmen başarısı. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In 22. NDSS Sempozyumu. Internet Society. https://www.nds-symposium.org/wp-content/uploads/2017/09/nds2015 09-4 durhmuth kağıt.pdf
Ur, B., Alfayez, P. G., Bhamasamy, S. M. & ... Cranor, L. F. (2015). Bir Data-Driven Şifre Cihazının Tasarımı ve Değerlendirilmesi. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In ACM SIGCHI Bilişim Sistemlerinde İnsan Faktörleri Konferansı (pp. 3775-3786). ACM. https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-ur.pdf
Bölüm 4: Markov ve PCFG

Markov ve PCFG modelleri

Weir, M., Aggarwal, S., Collins, M., ve Stern, H. (2009). Büyük Açılan Şifrelerin Oluşturulmasıyla Şifre Oluşturun. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In Bilgisayar ve İletişim Güvenliği Konferansı'nın 17. ACM Bildirileri 162-175. ACM. https://www.search.net/publication/221614956
Relevance: PCFG metodolojisi (Probabilistic Context-Free Grammar). kuruldu:
  • Yapı bozulması (L=letter, D=digit, S=symbol)
  • Skeleton gerçek yapıları yakalamak için 20-50 eşi
  • Gerçek veri kümeleri üzerinde doğrulama (LinkedIn, Yahoo, RockYou)
Time2Crack SKELETON THRESHOLD=100 (30-50'ye kadar azalmayı planlıyor).
Dürmuth, M., Freeman, D., & Yazan, B. (2014). Şifre Neural Networks ile tahmin edin. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In 25. ABD Güvenlik Sempozyumu Bildirileri. USENIX Association. https://courses.csail.mit.edu/6.857/2017/project/13.pdf
Houshmand, S., ve Aggarwal, S. (2015). Sonraki Gen PCFG Password Cracking. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In IEEE Transactions on Information Forensics and Security10(8), 1776-91. IEEE. https://iee blastre.ieee.org/document/7098389
Relevance: Sonraki -Gen PCFG performans iyileştirme ve doğruluk ile genişleme. PCFG'ye milyonlarca şifre üzerinde geçerli bir yaklaşım.
Narayanan, A., & Shmatikov, V. (2005). Fast Dictionary Attacks on Passwords using Time-Space Tradeoff. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In Bilgisayar ve İletişim Güvenliği Konferansı'nın 12. ACM Kararı (pp. 364-372). ACM. https://www.usenix.org/legacy/event/sec05/tech/full paper/narayanan/narayanan.pdf
Relevance: Sözel ve oluk tabloları ile saldırıların temelleri. Bu sözlük + mutasyonlar uygulamadaki şifrelerin% 95'ini kapsar.
Bölüm 5: Kalibrasyon ve Datasets

Kalibrasyon ve dataset

Zhang, Y., Monrose, F., & Reiter, M. K. (2010). Modern Şifrenin Güvenliği: Algoritma Çerçeve ve Empirical Study. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In Bilgisayar ve İletişim Güvenliği Konferansı'nın 17. ACM Bildirileri (pp. 176-186). ACM. https://users.cs.jmu.edu/reiter/papers/10ccs.pdf
Ulusal Standartlar ve Teknoloji Enstitüsü (NIST) (2024). SP 800-132: Şifre bazlı Anahtar Türleme Fonksiyonu (PBKDF2). ABD Ticaret Bakanlığı https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nists özel kamulaştırma800-132.pdf
Ulusal Standartlar ve Teknoloji Enstitüsü (NIST) (2024). SP 800-63-3: Dijital Kimlik Kılavuzları - Doğrulama ve Yaşam döngüsü Yönetimi. ABD Ticaret Bakanlığı https://pages.nist.gov/800-63-3/sp800-63b.html
Relevance: Şifre seçme ve hash algoritmaları için NIST önerileri. kuruldu:
  • bcrypt, scrypt, PBKDF2, Argon2 kabul edilebilir algoritmaları
  • MD5, SHA-1 unsalted kabul edilemez (haw masaları)
  • 100k+ sözlükleri saldırılar için önerilen kelimeler
Hive Systems (2025). Hive Systems Password Table 2025. https://www.hivesystems.io/password-table
Relevance: 12× RTX 4090 GPU ile endüstriyel karşılaştırma referansı. Time2Crack bu profili temel olarak kullanır (12 GPU kümesi).
Sprengers, Bay. (2011). GPU tabanlı Şifre Cracking (Master's Thesis) Radboud University Nijmegen. https://www.ru.nl/
Relevance: GPU hız çalışması, çatlaklar için. kümeler kıyaslamalar MD5 için SHA-1, NTLM, modern GPU ile şifre.
Bölüm 6: Hash Fiyatları

Hash hızları ve karşılaştırmaları

Hashcat Project (2025). Hashcat - Gelişmiş Şifre Kurtarma (Official Benchmarks v6.2.6). https://hashcat.net/hashcat/
Relevance: Resmi Hashcat Benchmarks on RTX 4090 for all hash algoritmaları için. Time2Crack bu sayıları tek GPU hızları olarak kullanıyor ve deneyimli profil için 12 tarafından çok fazla harcıyor.
Gosney, J. (2016). 8x Nvidia GTX 1080 Hashcat Benchmarks. GitHub Gist. https://gist.github.com/epixoip /
Relevance: İlk sistem 330 GH/s NTLM (8 GPU kümesi). Endüstri tarafından çok-GPU referansı olarak geçerlidir.
Amazon Web Services (2024). Amazon EC2 P4d Proceedings - GPU Computing. https://aws.amazon.com/ec2/e example-types/p4/
Relevance: Ticari GPU altyapısı mevcuttur (100-1000 GPU kümeleri). Time2Crack profesyonel profilleme için kullanır (~100 GPU).
Ek Referanslar

Ek referanslar

Oechsle, D., Bauer, L., Grupe, J., & ... Durmuth, M. (2021). Empirical Password Dataset'in Rigorous istatistik analizine doğru. arXiv preprint arXiv:2105.14170. https://arxiv.org/abs/2105.14170
Klebanov, S. ve Malone, D. (2012). Şifre seçimlerinin dağılımını araştırmak. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In 21. Uluslararası Dünya Wide Web Konferansı Bildirileri (pp. 569-578). ACM. https://www.faces.tcd.ie/~dwmalone/p/www2012.pdf
Castelluccia, C., Durmuth, M., & Perito, D. (2015). Şifre Neural Language Modeling aracılığıyla tahmin edin. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In IEEE Transactions on Information Forensics and Security10/6), 1285-1296. IEEE. https://link.springer.com/chapter/10.1007/978-3-030-30619-9 7
Asgharpour, F., Bardas, A. G., ve Liu, D. (2017). Analiz Yöntemlerini karşılaştırmak ve birleştirmek. İçinde In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In In COLING 1637-1648). ACL.

Güncelleme: 17 Nisan 2026

← Back to tool