What could an attacker do if they gained access to PBKDF2 hashes?

The attacker would have to crack the hashes in order to obtain the original passwords. Since PBKDF2 does multiple iterations of the same hash function, the act of cracking them would be significantly slower. The end result is that even weaker passwords are less likely to be revealed, leading to a significantly lower percentage of successfully cracked passwords in the credential list.


Assuming the attacker got the salts as well as the hashes, they could run a list of known previously used passwords against the list of hashes and get the passwords of most of the users, since the majority of users use passwords whose plain text has already been compromised somewhere. They couldn’t recover long, well-chosen passwords that have never been used before.
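As an added example, not part of either answer above, the following shows the two points they make from the storage side: a per-user random salt plus PBKDF2 iterations, a constant-time verify, and a rough measurement of how many times slower each password guess becomes compared with a single bare SHA-256. The password, salt and iteration counts are constructed sample values; the ratio is the number a defender uses when choosing an iteration count.

```python
import hashlib
import hmac
import os
import time
from typing import Optional

HASH = "sha256"   # PRF underneath PBKDF2-HMAC
DKLEN = 32        # derived key length in bytes


def make_record(password: str, iterations: int, salt: Optional[bytes] = None) -> dict:
    """Hash a password for storage: random per-user salt plus iterated PBKDF2-HMAC.
    A fixed salt may be passed only to make results reproducible in tests."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac(HASH, password.encode(), salt, iterations, DKLEN)
    return {"alg": HASH, "iterations": iterations, "salt": salt.hex(), "hash": dk.hex()}


def verify(password: str, record: dict) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time."""
    dk = hashlib.pbkdf2_hmac(record["alg"], password.encode(),
                             bytes.fromhex(record["salt"]), record["iterations"], DKLEN)
    return hmac.compare_digest(dk.hex(), record["hash"])


def slowdown_factor(iterations: int, samples: int = 3) -> float:
    """Ratio of the cost of one PBKDF2 guess to one bare salted SHA-256 of the same input.
    This is the 'significantly slower' effect from the first answer, measured on this machine."""
    pw, salt = b"constructed-sample-password", b"0123456789abcdef"  # constructed values
    n = 10_000
    t0 = time.perf_counter()
    for _ in range(n):
        hashlib.sha256(salt + pw).digest()
    bare = (time.perf_counter() - t0) / n
    t0 = time.perf_counter()
    for _ in range(samples):
        hashlib.pbkdf2_hmac(HASH, pw, salt, iterations, DKLEN)
    iterated = (time.perf_counter() - t0) / samples
    return iterated / bare


if __name__ == "__main__":
    rec = make_record("correct horse battery staple", 600_000)   # constructed password
    print("stored record:", rec)
    print("verify right password:", verify("correct horse battery staple", rec))
    print("verify wrong password:", verify("Correct horse battery staple", rec))
    for it in (1_000, 100_000, 600_000):
        print(f"{it:>7} iterations -> each guess ~{slowdown_factor(it):,.0f}x a bare SHA-256")
```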