How safe is your password? How long would it take an experienced hacker to figure it out? Well, that depends, of course, on the strength of your password.

It wasn’t too many years ago when super-easy-to-figure-out passwords were the rule of the day. In an effort to create passwords that were easy-to-use and easy-to-remember, people often came up with such classics as:

  • password
  • password123
  • mycomputer1
  • Their children’s birthdays:  Brian1125
  • A favorite sports team: Cubs123
  • Their own birthdays:  January17
  • Pet names: Fido555
  • Common phrases: timeismoney, gocatsgo, ineedavacation

For extra measure, the passwords were often written on a Post-it note and stuck to the side of the computer or kept in the top desk drawer.

Hopefully, with the level of malicious cybercrime activity we see today, those days are far, far behind us.

So how do you know how safe your password is? Well Hive Systems, a cybersecurity company located in Richmond, Virginia, conducted an extensive study to find out how long it takes a hacker to crack your password based on its composition. Their findings are displayed in the graphic below.

According to their findings, simple passwords with little variations and few characters are extremely bad. All numbers? Bad. Short strings of lowercase letters? Bad. Fewer than 10 upper and lowercase letters? Bad

What they found seems to work best, that is, seems to be the toughest to break, are long strings with a combination of uppercase and lowercase letters, numbers, and symbols. In fact, if you came up with a password with 18 characters that included numbers, symbols, and lower and uppercase letters, it could (according to their findings) take 438 trillion years to break.

While the fact that long complicated passwords are harder to crack than short simple ones may seem somewhat obvious, their findings provide valuable guidance for improving your own secure password writing talents. Compare your passwords against the various password compositions in the chart. What you may have thought was an uncrackable combination, may in fact be a surprisingly quick break-in opportunity for an experienced cybercriminal.

Contact wedoIT if you need any help with your password management.