Your password can be hacked by a child in under 14 seconds – it is time to sort that out.
People choose stupid passwords; this is a given. Passwords like ‘password’ and ‘abc123’ regularly top the most common password polls, even though a brute force attack (a program that just tries hundreds of combinations of letters, numbers and punctuation to guess your password) will likely try the top few thousand most used passwords before entering into a systematic trial of every combo. To put this into context, if you used one of the top ten thousand passwords, a brute force program like this – which I might add you can download pretty easily and for free – would be through your security in well under a second.
Obviously you don’t use a password like that – maybe you have a password substituting some numbers for letters – something like h0mAg3, which is pretty secure, right?
Wrong. When people started using passwords like this, the guys that make the hacking tools just upped their game, and the capability to crack passwords like that was created, distributed and improved way quicker than it took for the message that ‘password’ and ‘abc123’ are really bad passwords to get around … and what we all ended up with was passwords that were difficult for us to remember but easy for computers to hack.
So what’s the answer?
Well, obviously I can’t guarantee your security from a blog post, but something worth knowing is that the length of your password really matters. Think about it: for every extra character you have, the number of possible combinations goes up factorially (in all honesty I don’t know for certain if that is correct to say factorially, but it sounds right, so let’s just agree that it is BY LOADS). So try a longer password of three or four unrelated but easier to remember words, like: second postman biscuit
So, to put that into the context of a brute force attack: a six character password like h0mAg3 would take about 14 seconds using a standard desktop PC, and our easy to remember password combo of secondpostmanbiscuit would take 157 billion years – I know, right? One hundred and fifty seven billion years.
- source: http://howsecureismypassword.net
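The arithmetic behind those two figures, as an added example (not code from howsecureismypassword.net or from this post): each extra character multiplies the number of candidates by the size of the alphabet. The rate of 4 billion guesses per second is an assumption that happens to reproduce the numbers quoted above, and the 7776-word list size used for the word-level comparison is likewise an assumption.

```python
import string

GUESSES_PER_SECOND = 4_000_000_000  # assumption: rate that reproduces the post's figures
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Character classes a brute-force search has to cover once one member appears.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")


def alphabet_size(password: str) -> int:
    """Size of the smallest class-based alphabet containing every character."""
    size = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    # Anything outside the four classes (e.g. non-ASCII) is counted one by one.
    extra = {ch for ch in password if not any(ch in c for c in CLASSES)}
    return size + len(extra)


def char_keyspace(password: str) -> int:
    """Candidates of exactly this length over the password's alphabet."""
    return alphabet_size(password) ** len(password)


def word_keyspace(word_count: int, wordlist_size: int) -> int:
    """Candidates if the guesser tries whole words from a known list."""
    return wordlist_size ** word_count


def seconds_to_exhaust(keyspace: int, rate: int = GUESSES_PER_SECOND) -> float:
    """Worst-case time to try every candidate at the given guess rate."""
    return keyspace / rate


def describe(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", SECONDS_PER_YEAR), ("days", 86400), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"


if __name__ == "__main__":
    for pw in ("h0mAg3", "secondpostmanbiscuit"):
        print(pw, "->", describe(seconds_to_exhaust(char_keyspace(pw))))
    # Word-level search: 7776 is an assumed list size (that of a Diceware list).
    for n in (3, 4, 5):
        print(n, "random words ->",
              describe(seconds_to_exhaust(word_keyspace(n, 7776))))
```

The word-level figures show why the words have to be picked at random and why the number of words matters: against someone guessing whole words, the length in characters is no longer what counts.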
This whole post is basically repeating the message in this famous cartoon from xkcd
Help – I can’t think of four random words
Well here are a couple of online tools that do just that:
This is the password generator I use
N.B. I am aware that much more sophisticated password cracking hardware and software exists, and that integrating uppercase, numbers and non-standard characters is better, and obviously I am accepting no responsibility for anyone’s security :p