This article summarizes publicly known attacks against cryptographic hash functions.
Hashes described here are designed for fast computation and have roughly similar speeds.
[31] Because most users typically choose short passwords formed in predictable ways, passwords can often be recovered from their hashed value if a fast hash is used.
Searches on the order of 100 billion tests per second are possible with high-end graphics processors.
[32][33] Special hashes called key derivation functions have been created to slow brute force searches.