It’s Easier Than You Think
One Man’s Blog has written an enlightening post about how easy it easy to crack passwords. I never realized how much a difference a single letter (and using upper and lower case) can make.
Here’s a table from his post reflecting how much (or little) time it takes to crack your password. It looks like I’ll start using 7 character passwords with both upper and lower case characters. And I’d definitely think twice about using a pin number for anything!
And if you use 14 characters, only Q would have the time to crack it.
| Password Length | All Characters | Only Lowercase |
|---|---|---|
| 3 characters 4 characters 5 characters 6 characters 7 characters 8 characters 9 characters 10 characters 11 characters 12 characters 13 characters 14 characters |
0.86 seconds 1.36 minutes 2.15 hours 8.51 days 2.21 years 2.10 centuries 20 millennia 1,899 millennia 180,365 millennia 17,184,705 millennia 1,627,797,068 millennia 154,640,721,434 millennia |
0.02 seconds .046 seconds 11.9 seconds 5.15 minutes 2.23 hours 2.42 days 2.07 months 4.48 years 1.16 centuries 3.03 millennia 78.7 millennia 2,046 millennia |
I encourage you to read the entire post, but he makes one very important point:
If you use the same username and/or password for several different sites, (like most of us), you’re at greater risk, because a hacker won’t try for your bank account first (since it’s probably the most secure). Instead, he’ll try to hack your info from say, an e-card account. And since your browser’s cache will contain info about the sites you visit (you can prevent this), he’ll have a convenient way to find out that you have an e-card account. Since this type of site might be easier to hack, he can use a brute force attack to obtain your username/password. And once he has it, chances are he’ll be able to use the same username and password for your credit card and bank accounts.
So you might want to revisit your passwords; I know I am.
Thanks One Man’s Blog and Lifehacker.
