With all of the news lately about hackers gaining access to lists of user accounts and passwords (Google comes to mind), it is important to understand what constitutes a strong password. In many cases hackers get lists of usernames but the passwords are encrypted. The hackers use software to crack these encrypted passwords by generating random sets of characters until they find the password. This is called a Brute Force Attack.
We are led to believe that if we create a complex password– meaning a password with uppercase, lowercase, punctuation marks, numbers, etc. that this will create a strong password. Most people think that complexity beats length when creating a strong password. This is not always the case in the real world. Length will give you far more protection than complexity. Consider this…
‘k^XPxpa9’ – This looks like a pretty strong password. If I run this through the GRC’s Interactive Brute Force Password “Search Space” Calculator (https://www.grc.com/haystack.htm) I get these results:
It would take 18.62 hours to crack this password using an Offline Fast Attack Scenario: (Assuming one hundred billion guesses per second)
How about this password:
‘Arizona…………’ – Believe it or not, it would take 5.38 centuries to crack this using the same method as above.
Now I’m not advocating using a simple password like the one used in this example, but it is something to think about. Just remember the longer your password is, the harder it is to crack.
Christopher Diamond is the driving force behind CDA Tech Pros (http://cdatechpros.com), a full service computer consulting and support firm in the Phoenix area of Arizona. Christopher honed his skills supporting the IT departments in the entertainment industry in California until he relocated to Mesa, AZ in 2005. He now offers the same corporate grade support to businesses in the Valley with a wide range of services including Consulting, Implementation, & Support for Computers, Servers, & Networks, IT Security Assessments & Solutions as well as Website Development.
We here at CDA Tech Pros and Hogfish Studios are committed to making sure our clients get the most out of the time and money they spend creating and maintaining their perfect website. If you have any question about making your website work the best for you please give us a call at 480-422-1243 or drop us an email at mailto:email@example.com
Chris is also the Webmaster for this publication as well as the technical guy for Kitchen & Bath Design Chat, Nancy’s podcasts and NancyHugo.com