Jump to content
  • If your passwords are less than 8 characters long, change them immediately, a new study says

    aum

    • 1 comment
    • 852 views
    • 4 minutes
     Share


    • 1 comment
    • 852 views
    • 4 minutes

    Short and simple passwords can be cracked in a matter of seconds. Long and complicated ones? Trillions of years.

     

    That’s according to a recent study from Hive Systems, a cybersecurity company based in Richmond, Virginia, which breaks down just how long it would likely take the average hacker to crack the passwords safeguarding your most important online accounts.

     

    The findings suggest that even an eight-character password — with a healthy mix of numbers, uppercase letters, lowercase letters and symbols — can be cracked within eight hours by the average hacker. Anything shorter or less complex could be cracked instantly, or within a few minutes, by any hacker who knows what they’re doing, even if they’re only using fairly basic equipment.

     

    Meanwhile, a password that’s 18 characters in length – and which uses a mix of numbers, lowercase and uppercase letters, and symbols – could take up to 438 trillion years for the average hacker to crack, according to Hive Systems.

     

    The company compiled a color-coded graph to illustrate how quickly different passwords could be hacked, depending on their length and use of varied characters, and how those times have accelerated since 2020 thanks to faster technology:

     

     

    The findings back up the advice of experts like the National Institute of Standards and Technology, which also suggests choosing long, complex passwords with at least eight characters.

     

    To determine how long it would take to crack your passwords, Hive Systems used data from Security.org’s HowSecureIsMyPassword tool to determine how quickly the average hacker – meaning someone using consumer-grade equipment, including a desktop computer with “a top-tier graphics card” – can crack passwords of different lengths and complexities.

     

    In a blog post, company researchers explain how the process of cracking your passwords can work. It starts with a process called “hashing,” an algorithmically driven process websites use to disguise your stored passwords from hackers.

     

    If you plug the word “password” into one commonly-used hashing software, called MD5, you’ll get this string of characters: “5f4dcc3b5aa765d61d8327deb882cf99.” The idea is that if hackers break into a website’s server to find lists of stored passwords, they’ll only see hashed jumbles of letters and numbers.

     

    You shouldn’t, of course, use “password” as your password. In fact, it’s one of the most common passwords that end up leaked on the dark web.

     

    Hashed passwords are irreversible, because they’re created with one-way algorithms. But hackers can make lists of every possible combination of characters on your keyboard, and then hash those combinations themselves using the most commonly-used software programs. At that point, hackers only have to search for matches of the hashed passwords on their list to determine your original passwords.

     

    It’s a complicated process, but one that can easily be pulled off by any knowledgeable hacker with consumer-grade equipment, Hive Systems notes. That’s why your best defense is using the sort of long, complicated passwords that take the longest to crack.

     

    The report also strongly recommends not recycling passwords for multiple websites. If you do that, and hackers are able to crack your password for one website, then “you’re in for a bad time,” the company writes.

     

    Understandably, you might not want to remember 18-character passwords each time you log into an online account. After all, a password that takes trillions of years to crack isn’t very useful if it also takes you a few million years to remember.

     

    But even a password with 11 characters – again, using a mix of numbers, uppercase and lowercase letters, and symbols – could still take hackers 34 years to crack, Hive Systems estimates. And that’s certainly better than eight hours or less.

     

    Source

    • Like 2

    User Feedback

    Recommended Comments

    No hacker will never crack any password - he/she simply doesn't need those passwords never!

    Ourdays any Password protects your data only from You yourself and it does absolutely nothing else.

    If you really need to protect something, you need to use well-encrypted data transmission and storage. And that's all.

    If you disassemble, you can use.

    Example:

    content
    {"iv":"RFpvX4A+PreiUZwwEkn3rA","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Y09c2ak/inE","ct":"aOk9QDaNGe04AthA2gLIEhkKz0srvRCwA7JU1xjh13KM1uAtfJrO/V5hWYhun4JrofK0gEXuu+EZ8/Dy6aK/X64tv5oe"}
    Key
    BUF#nbFmmT4JKhZ#B1RHF7kcAWXJHQHsF(Z!TLb6wWF#ZY9mYDmt8UeX!0PbTOV2

     

    Edited by Kalju
    Link to comment
    Share on other sites




    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...