In 2012, a hacker created a 25-GPU cluster programmed to crack any eight-character Windows password in under six hours. These include letters, uppercase and lowercase, numbers, and any symbols.
That was almost a decade ago. Technology has only advanced and so have cyberattacks.
So what’s the trick? Does everyone need 15 character passwords to ensure their data is secure? In this article, we’ll cover how to create a strong password and just how long passwords should be.
The 15 Character Password
In general, a longer password is better than a shorter one. This is due to two common types of hacking: brute force hacking and dictionary hacking.
Brute force hacking is what the hacker did above, creating a system that ran through every feasible option to create every combination possible for passwords.
That eight-character password cracker ran through over 350 billion guesses per second. For each additional character, the amount of time required for a brute force hack goes up exponentially.
Dictionary attacks also prefer shorter passwords. These attacks utilize prearranged words and characters to guess passwords. Often the first letters are uppercase and the last are lowercase.
A password that is less than 12 characters has a much higher chance of being hacked in such ways than one that’s longer. Hence why a 15 character password is a great idea if you have data you want to remain yours.
Tips for Stronger Passwords
Let’s start with the obvious. Don’t make your passwords simple or overly personal. Here’s an example: the password for the computer system that controlled US nuclear missiles was 00000000.
Today, that would be an insane security risk. Don’t make your own passwords so simple. “PASSWORD” is a bad password, as is “BIRTHDAY1/1/1975”.
Using well-known facts about yourself, such as your birthday or your address or phone number, can be a dead giveaway to anyone trying to get your data. Similarly, substitutions aren’t always helpful.
Changing “HELLO” to “H3110” doesn’t make it harder for a hacker to break into your accounts. A better password idea is to do a mix of characters and letters (“H3L10”) to avoid being hacked.
Meanwhile, if you work in a team setting, self-service password reset can be a helpful practice when it comes to routinely creating good passwords. By ensuring resets on a regular basis, users must continually alter their passwords.
Team security is as strong as the user with the weakest, most predictable password. Don’t let it happen! By changing passwords regularly it’s harder for hackers to break in.
Longer Passwords, Stronger Security
While passwords can be longer, 15 character passwords are proven to lower the risks of having your data removed. Including a variety of numbers, symbols, and letters in different cases will bolster your password’s strength.
And in this day and age where oil pipelines and federal securities can be hacked, it’s better to be safe than sorry. Invest in good passwords.
Like this and want more? Check out our other blog posts for the latest in security, crypto, and all things tech.