RTX 5090 Outperforms H200 and MI300X in Password Cracking
Hardware tests show the consumer Nvidia RTX 5090 outperforms the datacenter AI accelerators Nvidia H200 and AMD MI300X across five common hashing algorithms. Using Hashcat, researchers measured raw throughput for MD5, NTLM, bcrypt, SHA-256, and SHA-512 and found the RTX 5090 delivered the highest hash rates in every case, for example achieving 219.5 GH/s on MD5 versus 124.4 GH/s for the H200 and 164.1 GH/s for the MI300X. The results highlight a simple technical reality: GPUs tuned for tensor-heavy AI workloads do not automatically excel at integer and bitwise workloads used in password recovery. For practitioners this matters when choosing hardware for mixed workloads, and it underscores how architecture and driver/kernel optimization determine real-world throughput more than peak AI-spec metrics.
What happened
Tests using Hashcat show the consumer GPU Nvidia RTX 5090 outperforms the datacenter AI accelerators Nvidia H200 and AMD MI300X when cracking common password hashes. Benchmarks across five algorithms recorded the RTX 5090 as fastest in every workload, with headline figures such as 219.5 GH/s for MD5 on the RTX 5090 versus 124.4 GH/s for the H200 and 164.1 GH/s for the MI300X.
Technical details
The research measured raw hash generation throughput for MD5, NTLM, bcrypt, SHA-256, and SHA-512 using Hashcat. Key benchmark highlights:
- •MD5: RTX 5090 219.5 GH/s, MI300X 164.1 GH/s, H200 124.4 GH/s
- •NTLM: RTX 5090 340.1 GH/s, MI300X 268.5 GH/s, H200 218.2 GH/s
- •bcrypt: RTX 5090 304.8 kH/s, H200 275.3 kH/s, MI300X 142.3 kH/s
- •SHA-256: RTX 5090 27681.6 MH/s, MI300X 24673.6 MH/s, H200 15092.3 MH/s
- •SHA-512: RTX 5090 10014.2 MH/s, MI300X 8771.4 MH/s, H200 5173.6 MH/s
Why the gap exists: AI accelerators are architected and tuned for high throughput on low-precision, matrix-multiply-heavy tensor operations. The H200 and MI300X prioritize tensor cores, interconnects, and mixed precision pipelines, often at the expense of the single-thread integer and bitwise performance that Hashcat workloads need. Driver support, compiler kernels, and microarchitecture integer throughput and clock behavior matter more than advertised AI-FLOPS for these workloads.
Context and significance
This is a useful reminder for practitioners that not all compute is fungible. Peak AI metrics, high-bandwidth HBM, and large VRAM do not guarantee superior performance on integer-bound, branching, or bitwise kernels. For security teams and infrastructure planners, the result clarifies cost-performance tradeoffs for GPU-accelerated password recovery, red teaming, and brute-force services. It also affects risk models for misuse: consumer GPUs can be more cost-effective for adversaries building cracking rigs.
What to watch
Vendors or Hashcat contributors may release optimized kernels or drivers that narrow the gap. Buyers should match hardware to the workload, and security teams should update threat models to reflect consumer GPU potency.
Scoring Rationale
The tests are practically useful for security teams and infrastructure buyers because they clarify workload-specific GPU performance. The story is notable for practitioners but not industry changing, so it rates in the mid range.
Practice interview problems based on real data
1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problemsStep-by-step roadmaps from zero to job-ready — curated courses, salary data, and the exact learning order that gets you hired.
