How quickly can your password be hacked? It depends. Hackers use sophisticated knowledge and tools to try and crack passwords. You can make it harder for them by using multi-factor authentication, complex passphrases, or passwords created at random by a password manager.
New research from Hive Systems shows the relative strength of a password against a brute force cracking attempt, based on the password’s length and complexity:
Without getting too technical, the following are among the assumptions Hive Systems used to create this table:
- The implied attack assumes no use of multi-factor authentication (MFA) or that it’s been bypassed.
- These metrics assume that passwords are randomly generated (likely by a password manager). Non-randomly generated passwords are much easier and faster to crack because humans are fairly predictable. Passwords that have not been randomly generated would be cracked significantly faster.
- These metrics assume you’re using a password that has not been part of a breach in the past. You can learn if your passwords have been part of a breach using a dark web search.
To Create More Secure Passwords
- Always use multi-factor authentication. Though nothing is 100% fool-proof, MFA can encourage a hacker to move on to an easier target.
- Consider using a password manager to create longer, randomly-generated passwords.
- If you create your own passwords, use passphrases that include a mix of upper- and lower-case letters, numbers and symbols. Be sure to avoid using personal information that could be easily discovered by hackers on social media profiles or other online sources.
- Try to use long passwords with a minimum of 8-12 characters.
- ALWAYS use a different password for every online account.
- If you discover a password has been found on the dark web, change the password and never use it again.
- Make it a habit to change your passwords regularly.
- Don’t share your passwords.
CRU Solutions can help protect your business from cybercriminals. Contact us!