Password-cracking tools optimised to work with SSDs have achieved speeds up to 100 times quicker than previously possible.

After optimising its rainbow tables of password hashes to make use of SSDs Swiss security firm Objectif Sécurité was able to crack 14-digit WinXP passwords with special characters in just 5.3 seconds. Objectif Sécurité's Philippe Oechslin told Heise Security that the result was 100 times faster than possible with their old 8GB Rainbow Tables for XP hashes.

The exercise illustrated that the speed of hard discs rather than processor speeds was the main bottleneck in password cracking based on password hash lookups.

Objectif's test rig featured an ageing Athlon 64 X2 4400+ with an SSD and optimised tables containing 80GB of password hashes. The system supports a brute force attack of 300 billion passwords per second, and is claimed to be 500 times faster than a password cracker from Russian firm Elcomsoft that takes advantages of the number crunching prowess of a graphics GPU from NVIDIA.

A free web-based demo of the technology can be found here. ®