Share your repls and programming experiences

← Back to all posts
Brute Force Password Cracker
CyanCoding (2191)
I built the Brute Force Password Cracker as a fun program to test out passwords, and to test my knowledge of Python 3 and its libraries.

Thanks for 1,000 likes :D
-Camden, 12/1/2020

OldWizard209 (1617)

I did the 1000th upvote. @CyanCoding

Not taking any credit tho

CyanCoding (2191)


OldWizard209 (1617)

No problem man @CyanCoding You deserved it :)

OwenBradstreet (130)

Hey dude. I'm not here to take a dump on your work, I can tell you spent a while making this, and it seems functional - I just wanted to give you some advice. A lot of this code could have been done way more efficiently, and it's very hard on the eyes. I have rewritten two of the excessively inefficient and hard to look at parts for you (Those if's with all the or's), you can take inspiration from it if you would like.

I hope this helps you out man.

PS - The parts I have rewritten can be distinguished by the large comments around the scripts. I completely fine with you flat out copying these scripts, I only ask you chuck some sort of comment somewhere saying I helped out. Thanks man.

OwenBradstreet (130)

@OwenBradstreet PS: I got 450 milliseconds reaction time on your Reaction Test :) I think I'm pretty good.

ABulman (9)

@OwenBradstreet it is pretty inefficient, a bit like their C# one

MikeJMS8910 (234)

@OwenBradstreet I did a reaction time test and got 8 milliseconds. I just clicked and as soon as I did it turned green

LaneMartin (108)

@OwenBradstreet uhh wow u got a big chunk of ur updoots from this comment lool pogger

Bunnytoes (165)

@ABulman the c# obe has 80 lines of code, seems pretty efficient to me

awesome10 (233)

i did a keyboard mash..
5 million guessed so far...
10 mil...
15 mil...
this could be a while.Feel free to leave this page open while you use the computer.
70 mil...
edit: i waited and...
500million guessed so far...
imma keep waiting
update: 1bil, 20mil guessed so far...
still going... 1bil 500mil...
omg 2 billion+

SharkCoding (11)

leeeets get 1000 vooooooooteeeeeeeessssss peeeeeeooooooppppppppllllllleeee

FlaminHotValdez (715)


SharkCoding (11)

now only 8 away!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Nayoar (581)

Hi! This is a cool project and I really like the use of colour. However, in places, there are major issues with the code: in under 10 minutes, I cut your 323 lines of code down to 259, with several lines becoming much shorter and easier.
The key to this is the string module:

import string

This module has several highly useful constants:

!"#$%&\'()*+,-./:;<=>[email protected][\\]^_`{|}~
0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ!"#$%&\'()*+,-./:;<=>[email protected][\\]^_`{|}~

I went through your code and replaced instances of "abcdefghijklmnopqrstuvwxyz" with string.ascii_lowercase for example.
The other thing I did was the section where you detect if certain groups of characters are in the password. You did

if "A" in password or "B" in password...

I changed this to

if any([char in password for char in string.acii_uppercase]):

The any function requires a list and if any of the items in the list are True, it returns True. The [char in password for char in string.acii_uppercase] creates a list: each item is True of False, depending on whether each character in string.ascii_uppercase is in the password. This means that if any of the upper case letters are in the password, our any() returns True. I did the same thing with the lowercase, digits and punctuation bits, the punctuation one being particularly satsisfying because previously you had individual if statements for each separate character.
Hope you found this comment useful, please upvote!

EpicRaisin (264)

only master programmers will know

FlaminHotValdez (715)

Petition to get this to 1000 cycles

SilvermoonCat (458)

gosh so many upvotes :D upvoted as well >> nice job

CodingCactus (4331)

@hg0428 it's brute force, if it was quick, then everyone's account would be hacked

LilWolfy (59)

That would be REALLY sad... 😔 @CodingCactus

paulramnora (7)

I don't get it...I typed in the password as: abc123; and, it currently says 100 million passwords guessed so far...(and, it still hasn't gotten it right, yet)??? Continuing to guess: 150 million passwords guessed so far.../350 million passwords guessed so far/...-etc. Surely, 'abc123' can't be that difficult to guess...?! 450 million passwords guessed so far.../500 million passwords guessed so far... Maybe, it should have started off by checking a list of the most commonly used passwords, first. 600 million passwords guessed so far.../760 million passwords guessed so far.../950 million passwords guessed so far. 1 billion, 5 million passwords guessed so far. It makes you wonder if it'll ever guess it...??? Anyway, I'm going back to sleep...can't just sit here staring at the screen...when not a lot seems to be happening. I billion, 675 million passwords guessed so far... OMG! I billion, 850 million passwords guessed so far.../2 billion, 225 million passwords guessed so far...

I admire the coding, seriously; it shows admirable skill and understanding of the overall Python language(which is a hell of a lot more than I've got). However, the program itself does seem to take an inordinately long time to guess correctly even a very 'simple' password. It's not my wish to put anybody down...I deeply appreciate anybody who sticks with learning 'how to code' fact, I'm trying to do the same thing myself. I wonder how the program might have performed if I had simply typed in as the password: abc...without the 123 part at the end? Maybe, I'll stop it, and, try, again. OK, so it cracked the 'abc' 9218 tries and 1 second. That's approximately 1217046 guessed passwords per second! So, I guess, it does work in certain specific cases.

Or, is it possible I might have typed the password wrong the first try...let me try entering: abc123, again. Hmm...the same result as before, apparently...55 million passwords guessed so far...

RilGames (0)

@paulramnora u have done this to me... why did u do this

lynnlo (51)

this doesn't use rainbow tables, in regular cracking we... I mean the crackers will use a rainbow table that'll check for common passwords like password password123 acdefg 12345678 Pa$$w0rd first and get the accounts that's the least secure in most cases getting the secure accounts are not worth the computing resources to bf.

HenryZelonka1 (91)

That's why it's called "brute force."

RayhanADev (2606)

Let’s get this to 1000 upvotes people!

RayhanADev (2606)

@CyanCoding “I am inactive on” lmao xD.

CyanCoding (2191)

@RayhanADev I use like once a week for small tests only but this is a comment I could get behind so I decided to respond😂

RayhanADev (2606)

@CyanCoding noice xD! Seriously wish you came around the community more often though. I can tell you are an og lol.

FlaminHotValdez (715)

@CyanCoding aw man that sucks... But I noticed you changed your bio so you don't have the "I am inactive on" part, are you gonna come back?

RayhanADev (2606)

@maxyang lmao ;P. We’re close, only 38 more upvotes!

RayhanADev (2606)

@maxyang did you know cyancoding would have 797 cycles without this project?

CyanCoding (2191)

@RayhanADev Nobody would know me if I didn't have this program hahaha

FlaminHotValdez (715)



mollthecoder (34)

The last number is out of the upvote box!

ScratchyGamer31 (3)

Attempting to crack password via CyanCoding's BFPC...

This could be a while. Feel free to leave this page open while you use the computer.

2 billion, 495 million passwords guessed so far...

epicman702 (497)

2 trillion, 495 billion, 135 million passwords guessed so far...
I never got that far...

itbarsoum (62)

Password Password

I typed in the password Password and we're currently at 800 million passwords and going...

Writerfrighter (25)

Its not useing the rainbow thing so XD @itbarsoum

phantomlord45 (2)

wow great work u need a metal for that

figglediggle (141)

danm you got yourself hella clout

TobyS (57)

"Import replit" doesnt work anymore. Idk why

epicman702 (497)

I entered XDDDDDDDDDDDDDDDDD (maybe longer) for the password and its still going after one billion...

Thats why im laughing so hard!

JoshuaKing1 (66)

Password: a
1 try 1 second!

PYer (4015)

Its crazy! Years (maybe 1 or 2) later your project is still on top! It is even still getting views. look at the one comment before me. in new of course, and that was 1 month ago! If you look at the most recent reply, it is 3 days ago. Since me posting this of course, on own bradstreets comment? I have no idea how you did this, this is really cool though.

adityakin (1)

but make facebook,twitter,gmail password brute force

SagittariusJQ (0)

7 tri, 5 bil, 2 mil guesses for my password??? :o

SagittariusJQ (0)

@SagittariusJQ Has anyone got that far yet, or is it just me?

mithun12 (1)


import random
import time

characters = ["a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", \
              "m", "n", "o", "p", "r", "s", "t", "u", "x", "y", "0", "1", \
              "2", "3", "4", "5", "6", "7", "8", "9", "q", "v", "z"]

target_password = ""

password_length = 3 

reps = [0, 1]

status = "ongoing"

all_guesses = 0

digits = {1:0, 2:0, 3:0, 4:0, 5:0, 6:0, 7:0, 8:0}

def generate():
    global password_length, digits, status
    char_count = 0
    current_guess = ""
    index_counter = password_length
    while char_count < password_length: 
     char_count += 1
     current_guess += characters[digits[char_count]]

    digits_modded = "no"
    while digits_modded != "yes":
        if digits[index_counter] < (len(characters) - 1):
            digits[index_counter] += 1
            digits_modded = "yes"

            if index_counter > 1:
                digits[index_counter] = 0
                index_counter -= 1
                if digits[index_counter] < (len(characters) - 1):
                    digits[index_counter] += 1
                    digits_modded = "yes"
                digits_modded = "yes"
                status = "not_found"
                print(status, current_guess)
    return current_guess

total_time = 0.0

while reps[0] < reps[1]: 
    status = "ongoing"
    for pos in digits:
        digits[pos] = 0   
    if reps[1] > 1:
        target_password = ""
        while len(target_password) < password_length: 
            target_password += random.choice(characters)
        reps[0] += 1
        target_password = str(input("Enter a password to test\n"))
        password_length = len(target_password)
        if target_password == "":
            reps[0] += 1
            status = "stopped"

    this_time = time.time()
    guesses = 0
    while status == "ongoing":
        guesses += 1
        if generate() == target_password:
            elapsed = time.time() - this_time
            status = "Cracked"
            print(status + ": " + target_password)
            print(str(guesses) + " guesses, " + str(elapsed) + " seconds.\n___________\n")
            all_guesses += guesses
            total_time += elapsed

if reps[1] > 1:
    print(str(all_guesses / reps[1]) + " guesses per password")
    print(str(total_time / reps[1]) + " seconds per password")
Angelzeng (3)


Angelzeng (3)


Writerfrighter (25)

I put in a synbol... its going to guess forever


The one-thousand special that always spills outside:

CharlieGolding1 (1)

550 mill paswords till it found it

stoporinjail (172)

"might as well i've been waitin' for hours"