Complete @hashcat benchmarks on the @NVIDIAGeForce RTX 5090 FE! Running nice and cool so far with solid improvements across the board. Most hash modes got at least a 20% uplift over the RTX 4090 and some modes boasting quite a bit more! Full Benchmark:

@CraigHRowland Why would bcrypt be rated worse than SHA256crypt and SHA512crypt? In practice, it’s generally much stronger.

@mcohmi @eTeknix The change is just adding 1 line in the tuning alias file, but the impact is difficult to estimate so for now we just can’t tell what the “real” performance will be for some of the modes. Some modes won’t see much/any difference though so we can still get a little info here.

@mcohmi @eTeknix Correct, these numbers don’t meet expectation. A 4090 out of the box hits ~250GH/s but added to the tuning aliases you’ll see ~285GH/s. 5090 should see ~25-50% depending on algo. 285->300=5% too low. 250->300=27% makes more sense. Looks like it’s underperforming like an OOB 4090.

@eTeknix Cool, if you end up wanting to take another shot at it let me know and I can get you setup for it :)

@eTeknix Might be a couple hours depending on the rest of the system. It has to compile each kernel at runtime for each device and you've got 2 devices selected. Unfortunately, the numbers will still be inaccurate so it'd be better to fix the alias first before spending that long imo

@eTeknix If you want to get a proper benchmarking run setup, I'm more than happy to help. Otherwise, this is still neat to see but it won't reflect the actual performance of the card.

RT @lakiw: Question: Is there a repository of password/credential spaying wordlists collected via honeypots (or similar methods). Bonus poi…

@TheMalcore Essentially, yes. They take any AIB cards they can find, pull the die and VRAM, and put them onto either specialized carrier cards or essentially just custom 4090s with other form factors, especially 2 slot blowers with edge power connectors for use in servers.

@Paul_Reviews Oh duh, you’ve set PASSWORD_DEFAULT which makes this bcrypt, assuming a recent version of PHP. With a 32 byte (bin2hex so 64 bytes?) salt and that pepper, the password is not even included at all in V1. In V2 it’s at least partly included though still truncated I presume.

@vgoklani_ai @__tinygrad__ Those are just normal 4090s

@vgoklani_ai @__tinygrad__ AIB = Add-in Board, the GPUs from manufacturers that aren’t AMD/NVIDIA/INTEL MCIO = Mini Cool Edge IO, it’s a connector class used for PCI-e/CXL SFF or more accurately SFF-8654 is the connector used by many SlimSAS cables and seems to be used interchangeably with MCIO for PCI-e

@__tinygrad__ Agreed, and the ones I tested were almost all power restricted more than the standard AIB cards too. I’m glad to see others have moved to this orientation already and are using the SFF/MCIO cables as well. It’s the right way to do this without resorting to water.

@axhoff @Yubico Depends on what I’m doing that day :)

@axhoff @Yubico I have several and they serve quite a few use cases from auth to MFA to key management, etc. I’ve been meaning to buy a few of the newer ones and reworking my setup but that’s been low priority.

@HackingLZ Some of the metal issues have been fixed in master iirc, building from source or grabbing the beta might clear those up.