Password Strength

by Robert D
Password1. Thr article says this is most likely your password. 5% of all passwords are something similar; maybe a little different, but not different enough. This password is so common because it fits the requirements for a strong password: see the capital and the number? Clearly, that’s not enough.

Brute force hacks happen frequently. This is when someone uses a program that generates every possible password. This is usually an effective way of hacking into someone’s system. But if your password is some variation on “Password”, they won’t need it. Worse? The 8 characters in the standard password don’t make it that strong. A brute force attack will break one of these within days of running. Actual stronger passwords contain many characters: think 15 and up. While 8 characters takes a few days, having a short sentence as a password will take decades to crack. The use of symbols has become standard in passwords, but it only guards against dictionary attacks, which use programs that insert every word in the dictionary as a password. They can be hard to remember; if you were going to go with symbols or length, only length would beat both the dictionary and brute attacks.

Cowley, S. “If You’re Using ‘Password1’, Change It. Now.” CNN Tech. 5 March 2012. http://money.cnn.com/2012/03/01/technology/password_security/index.htm

7 thoughts on “Password Strength”

  1. Great article, is a reminder for all of us that 8 character password is very common and every easy to hack.

  2. Hackers also know that people use the same password that they use for one account for all their accounts. This makes it easy to hack all aspects of person's life.

  3. I wrote an article about SQL injections being used to retrieve someone’s account passwords from pornography sites. The hackers also knew that the chosen username and password are probably used for the customer’s email and online banking accounts as well. That is why password strength is so important because they protect so much of our personal information. As hard as it may be, it is better to use different passwords for different accounts and to rotate them as well.

  4. This is something I worry about, making my passwords strong enough, but at the same time trying to remember them. Perhaps people should develop a system or scheme that they can remember. While a lot of us worry about key loggers, as the article mentions brute force hacking is still a major problem. Just how many people have a password that is actually "password"? Likely answer is too many.

  5. This is something I worry about, making my passwords strong enough, but at the same time trying to remember them. Perhaps people should develop a system or scheme that they can remember. While a lot of us worry about key loggers, as the article mentions brute force hacking is still a major problem. Just how many people have a password that is actually “password”? Likely answer is too many.

  6. I know it is very important to create a strong password and it is so funny that all the time I create a strong password I always forget it or have problems with it and that is why I always go with an easy to remember, not like the example provided in the article but still not strong enough. I will change mine!!

  7. 16+ characters include special, numbers, and alphabetical letters would take any brute force 6+ months to get through. But yeah, to remember 16+ characters password is not an easy job either. What I have learned from Dr. Carlton is better to use pass- phrase rather than password.

Comments are closed.