Two posts ago on the 23rd, we mentioned an eye-opening presentation by Berthold Halm of Antares Computers in Bridgewater, Nova Scotia. One of his topics was about password security.
The bad guys have become incredibly efficient at cracking passwords primarily by using high-speed, high-volume super computers and a method known as “brute forcing.” Passwords of 8 characters that were considered “strong” a few years ago can now be cracked in minutes. Fewer than 8 characters can be cracked in seconds.
Two things matter in setting up more secure passwords—length and complexity. And just a few extra characters make all the difference. Consider this:
Time to crack a password with just letters and no special characters:
- 9 characters – 2 minutes
- 10 characters – 2 hours
- 11 characters – 6 days
- 12 characters – 1 year
Time to crack a password if you add a special character to the letters:
- 9 characters – 2 hours
- 10 characters – 1 week
- 11 characters – 2 years
- 12 characters – 2 centuries
You know what you have to do to avoid becoming a victim to a growing wave of online crime.
The next post on Monday, February 3rd will deal with a method for setting up passwords unlikely to be cracked.