Large data breaches over the years have yielded millions of hashes, many of which have been converted to their original password for research projects looking at password security. Consulting those lists is often the first step for someone trying to crack one.
If there are no matches, decoding tools and powerful graphics processors can be used to try and covert it. Typically, the longer and more complicated the password is, the harder is it to crack. Brute-force attempts create different word, number and symbol combinations in hopes of generating a matching hash. But that can take a long, long time.
Kevin Young, an adjunct professor of information security at Utah Valley University who studies passwords, said via email that there are people on IRC instant messaging channels that will crack passwords for free.
"It's a challenge, the thrill of the hunt," Young wrote.
The utility of Hash Hunters depends on how desperate you are to crack a password, he said. "If you're looking for the password to your girlfriend's laptop and wanna snoop around, it probably isn't worth it. If a disgruntled employee quit and changed the password on your network infrastructure, it would be worth every penny."
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk