Tag Archives: password

Essentials, Make Tech Easier, More

How Long Will It Take to Crack Your Password?

Short answer: it depends on how complex your password is. Weak passwords can be cracked in seconds, while strong ones can take years.

The below information is taken from https://www.techrepublic.com/article/time-to-crack-your-password-guide/

In their 2024 Hive Systems Password Table report, Hive found that a complex, eight-character password that contains numbers, symbols, and both upper and lowercase letters will take seven years to crack — if an attacker were to use a top-of-the-line 12 x RTX 4090 graphics card.

In comparison, a five-character password with only upper and lowercase letters can be cracked in two minutes. Further, Hive says that a four-character password with only lowercase letters can be hacked instantly, while a five-character password with both upper and lowercase letters can be hacked in three seconds.

Looking into words versus numbers, Hive’s data shows that passphrases win over more traditional passwords. An 18-character password with only numbers would require 11,000 years to crack, but one with the same number of characters using lowercase letters would take 350 billion years to crack. This piece of data shows why passphrases, which use a long string of real but random words, can be more secure than a complex but short password.

Hive’s report shows that passphrases with a mix of 18 uppercase and lowercase letters, numbers, and symbols are the most difficult to brute force.

How to protect yourself and your organization from password cracking

Due to the progress in graphics and AI technology, most types of passwords require less time to crack than they did only two years ago. For example, a seven-character password with letters, numbers, and symbols would take seven minutes to crack in 2020 but only four seconds in 2023. Given these technological advances, how can you and your organization better secure your password-protected accounts and data? Here are a few tips.

Try using a passphrase instead of a password

A passphrase is a long string of often random words. Passphrases are often more secure than passwords and are usually easier to remember. Examples of this would be something like “Sunset-cola-Mouse!” or “GatePen2BoxerRose”.

If you go the passphrase route, there are a few things to remember:

  • Make sure it’s at least 10-15 characters or more.
  • Avoid using common phrases or song lyrics.
  • Choose a passphrase that’s memorable to you.
  • Add in some numbers and symbols to your phrases.

For a more in-depth tutorial, check out our What is a Passphrase? guide here.

Use a mix of numbers, symbols, uppercase, and lowercase letters at the same time

One of the main takeaways from the Hive Systems report is the significant influence complexity has on overall password strength. By complexity, I’m referring to the presence of letters (upper and lowercase), symbols, and numbers within passwords.

While having one character type makes your password more secure, having a mix of all of them will reap you the most benefits and security.

Essentials, Make Tech Easier, More

Top Tips for staying secure online

Top tips for staying secure online, borrowed from https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online

While you can find a TON of articles explaining how to stay safe online, many are either too wordy, take too long to get to the point, or are annoying in other ways.

Here, borrowed from https://www.ncsc.gov.uk/collection/top-tips-for-staying-secure-online, are some pretty easily do-able things you can do to stay safe online.

  • Use a strong AND SEPARATE password for your email
    • After all, you probably stash a LOT of personal information in your mailboxes. Don’t reuse that password – that is just asking for trouble.
  • Install the latest app updates and software
    • Yes, there are a LOT of them, and they are constant [especially if you use a lot of software]. But update anyway – MDS Tech suggests starting updates before you go to sleep, so you are not aware of how long it takes.
    • Seriously – update. You’ll save headaches!
  • Turn on MFA/2FA – i.e. that thing where you get a text with a code when trying to login to an account.
    • Turn that on where you can – no, it is not perfect, but it is a bit like adding another lock on the door so the “bad guys” can’t get in.
  • Use Password Managers
    • This way you can have all of your passwords stored in one [VERY secure] place…. but make sure you have that one password stashed somewhere safe. There are lots of options out there.
  • Back up your data
    • Your computer WILL die [just like your car or refrigerator]. It is inevitable [see Murphy’s Law] that it will happen at the worst possible time. SO make sure you have backups of your data.
    • The hard part is figuring out how – and that is well beyond the scope of this article. Do a web search – something like ‘how backup [your operating system]”. For example – “how backup mac”.
  • Three Random Words
    • This is some advice that has changed over the years. Using three random words is FAR more secure than using just a few letters or numbers, and MUCH harder to guess. Some examples of decent passwords:
      • threerandomvehicles
      • FredGeorgeLIzrds [note the deliberate misspelling!]
      • IhaveNOidea!
    • Some website will require numbers, special characters like a period or an exclamation point, etc. The common theme here is to mix up type [upper case, lower case, number, characters] and make it as long as practical. 12 characters is far more secure than 8. 24 characters might be too aggravating to type in!

Thanks to Britain’s Nation Cyber Security Centre for posting the article serving as the source for this posting.