How Quickly Can Your Password be Cracked?

Share This Post

Analysis: “Strong” isn’t a detailed password rating; go for a quintillion possible combos and add a symbol.

Security breaches of mind-numbing size like those at LinkedIn and eHarmony.com set crypto– and security geeks to chattering about weak passwords and lazy users and the importance of non-alphanumeric characters to security.
And insisting on a particular number of characters in a password is pointless security-fetish control freakishness.
Nope. The number and type of characters make a big difference.
How big? Adding a symbol eliminates the possibility of a straight dictionary attack (using, literally, words from a dictionary). Adding a symbol, especially an unusual one, makes it much harder to crack, even using
rainbow tables (collections of alphanumeric combinations, only some of which include symbols).


How big is the difference in length and character?


Look below and pick which password-cracking jobs you’d want to take on if you were a computer. The examples come from the Interactive Brute Force Password Search Space Calculator: at GRC.com, the love child of from former InfoWorld columnist and freeware contributor Steve Gibson
How long would it take to crack my password: (Includes letters and numbers, no upper- or lower-case and no symbols)

Six Characters: 2.25 Billion Possible Combinations

  • They were cracking online using a web app and hitting a target site with one thousand guesses per second—3.7 weeks.
  • Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 0.0224 seconds
  • Cracking offline, using massively parallel multiprocessing clusters or grids (one hundred trillion guesses per second: 0.0000224 seconds)

Ten Characters: 3.76 Quadrillion Possible Combinations

  • Cracking online using a web app and hitting a target site with one thousand guesses per second: 3.7 weeks.
  • Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 10.45 hours
  • Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second: 37.61 seconds.

Add a symbol, make the crack several orders of magnitude more difficult:

Six Characters: 7.6 trillion Possible Combinations

  • Cracking online using web app hitting a target site with one thousand guesses per second: 2.4 centuries.
  • Cracking offline using high-powered servers or desktops (one hundred billion guesses/second): 1.26 minutes
  • Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second: 0.0756 seconds

Ten Characters: Possible Combinations: 171.3 Xextillion (171,269,557,687,901,638,419; 1.71 x 1020)

  • Cracking online using web app hitting a target site with one thousand guesses per second: 54.46 million centuries.
  • Cracking offline using high-powered servers or desktops (one hundred billion guesses/second) 54.46 years
  • Cracking offline, using massively parallel multiprocessing clusters or grid (one hundred trillion guesses per second: 2.83 weeks.

Take Steve’s advice: go for ten characters, then add a symbol.

Stay Ahead: Join the EwtNet Insider Email Club!

Stay informed and up-to-date with EwtNet's email subscription. Join our exclusive community and receive curated news, updates, and insights tailored to your interests.

Related Posts

How To Add the Multi Column Footer Widget To Blogger

This widget adds a multi column widget section to...

How to Add Username in Telegram Messaging App

Like Twitter, Facebook (and now, Telegram), the use of...

How to Display your Favorite Websites on your Windows 10 Start Menu

How organized is your Windows 10 start menu? Do...

How to Create and Manage Multiple User Accounts in Google Chrome

The recent versions of Google Chrome will let you...

How to Avoid Facebook and Twitter Disasters

Who knew your boss could see so much of...

How to Check the Power Status of Remote Control Batteries with your Smartphone

Earlier today I published an infographics on things you...
- Advertisement -

Discover more from EwtNet

Subscribe now to keep reading and get access to the full archive.

Continue reading