Thursday, January 24, 2013

2144 - Passwords

Is your password 'password'? How about 123456? Or 12345678? If it is, every hacker knows it. Those are the passwords they try first when trying to guess passwords.



From an ARTICLE on passwords...

Before we examine what good passwords look like, it helps to know your adversary. Using a PC with inexpensive multicore graphics processing units (GPUs), a hacker can try about 8 billion password combinations in a second—thousands of times faster than just a few years ago...


8 billion passwords a second. At around one million words for a good dictionary, that's about 1000 dictionaries' worth of words a second.

Using just 4 of the 256 ASCII characters in a password, it would take 1/2 second to check the 4.3 billion possible combinations. Go up to 8 characters and the combinations jump to 18 x 10 to the 21st power. But people have a tendency to use just lowercase letters, so that drops it back to 5.4 trillion combinations. That would take 679 seconds, or not quite 12 minutes, to check.

So here's a breakdown on passwords from the article...

Password: Aquarius
Time to Crack: 9.08 Minutes

Password: Aquarius1
Time to Crack: 1.59 Days 

Password: Aquar$ius1
Time to Crack: 19.24 Years 

Password: Aqu57ar$iu3s
Time to Crack: 17,400,000 Years 


I didn't check the times quoted here, but a 12-character (or more) mix seems like the way to go. The combinations calculate out to 79 x 10 to the 27th power.
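The keyspace arithmetic above, as an added example that is not from this post or the quoted article: it estimates worst-case exhaustive-search time at the quoted 8 billion guesses per second. The alphabet is assumed from the character classes a password uses (printable ASCII), so the results need not match the article's figures.

```python
import string

GUESSES_PER_SECOND = 8_000_000_000  # rate quoted in the post
# Constructed sample list: the "tried first" passwords named in the post's opening.
TRIED_FIRST = {"password", "123456", "12345678"}

# Assumption: an attacker searches every class the password draws from.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]
PRINTABLE = set("".join(CLASSES))

def alphabet_size(password):
    """Number of candidate symbols per position, inferred from classes used."""
    if any(c not in PRINTABLE for c in password):
        return 256  # fall back to the post's 256-value alphabet
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))

def seconds_for(alphabet, length, rate=GUESSES_PER_SECOND):
    """Time to try every string of `length` symbols from `alphabet` symbols."""
    return alphabet ** length / rate

def worst_case_seconds(password, rate=GUESSES_PER_SECOND):
    """Upper bound for pure brute force; known-common passwords fall at once."""
    if password.lower() in TRIED_FIRST:
        return 0.0
    return seconds_for(alphabet_size(password), len(password), rate)

def humanize(seconds):
    """Render seconds in the units the quoted table uses."""
    for unit, span in (("years", 365 * 86400), ("days", 86400), ("minutes", 60)):
        if seconds >= span:
            return f"{seconds / span:,.2f} {unit}"
    return f"{seconds:.2f} seconds"

if __name__ == "__main__":
    print("4 chars, 256 symbols:", humanize(seconds_for(256, 4)))
    for pw in ("password", "Aquarius", "Aquarius1", "Aquar$ius1", "Aqu57ar$iu3s"):
        print(f"{pw:14} alphabet={alphabet_size(pw):3} "
              f"-> {humanize(worst_case_seconds(pw))}")
```

These figures are an upper bound for blind guessing only; a password built from a dictionary word is found far sooner by a wordlist than the keyspace suggests.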



8 comments:

John A Hill said...

So combining upper/lower case, numbers and symbols make good passwords but the trick becomes remembering complex passwords--unless you modify words like:
B!11!ons
V3r5!ons
N0rm@l

or maybe
P@55w0rd

eViL pOp TaRt said...

This is great info as to why you should go beyond the simple passwords.

Big Sky Heidi said...

I'm making my passwords more complex now!

Mike said...

John - True but the hackers know to check a vowel substitute of 3 for e.

Angel - I need to change more of mine.

Heidi - Y3sUsh0u!d.

Margaret (Peggy or Peg too) said...

I know this but it makes me crazy.
I can't remember them as it is.
While I don't use anything as simple as password, I have been known to use a word plus my birthday, which is 3,4,56.
So I'm sure I can be hacked if they figure out the first word in Italian.

Mike said...

Peg - I don't know if they would check Italian dictionaries or not but the numbers would raise the bar on being hacked.

Dana said...

I've started doing the whole sir-mix-a-lot on the passwords, and am also trying to use different passwords on different platforms.

I'm With Stupid said...

My passwords are so good that even I can't figure them out.

Jay