If you’re using your dog’s name as your email password, keep reading. A weak password can be cracked in under one millisecond by a hacker! By now you understand some of the requirements and best practices for a building and storing a strong password. Passwords should not contain common names or items of personal significance such as birthdays, anniversaries, nicknames, pet names, etc. Security breaches grow every day and password crackers are becoming exponentially more sophisticated. If you’re wondering “how secure is my password?” the following chart will show you how strong or weak your password is, and how long it would take a hacker to crack it.
After finding out how long will it take to crack my password, you’ll likely want to make a better one. Bear in mind that creating a strong password is a start, however changing your password frequently is a standard practice you should follow, at the most every 3 months, as it increases password security and reduces the chances of it being cracked.
How long does it take to crack a 12 character password? Size matters
It only takes .29 milliseconds to crack a 7-character password consisting of all lowercase letters. However; it would take nearly 200 years to crack a 12-character password of mixed lower case letters! Each time you add a character to your password, you increase the amount of time it takes a password cracker to decipher it. 8-character passwords take a few hours to crack, 9 character passwords take about a week to crack, 10-character passwords take months to crack, and 11 character passwords take about a decade to crack. Adding an additional character exponentially increases the security of a password. Hackers try new ways to crack passwords all the time, one of the most common methods is known as the “dictionary attack” where a hacker uses word lists of common words to scan for the correct one. You can easily avoid becoming a victim of a dictionary attack by adding numbers and special characters in your password, and not using common names.
Take a look at the sample chart below for a few examples for password length and strength:
Character type differences
Passwords are stronger when different types are used. A combination of upper case and lower case letters is good but adding numbers and special characters is even better. Strings of numbers, letters, and special characters makes a password cracker’s life much more difficult. You can alternatively use numbers and symbols for letters such as a 3 for an “e” or a 5 for an “S” as long as you include multiple letter substitutions and avoid using common words or names.
How long will it take to crack my password? Passwords weaken with time
What may have taken a few years to crack 10 years ago can now be cracked in a matter of days. Passwords weaken as technology evolves and hackers become more proficient. In just a few years, passwords that may be considered strong by today’s standards could become much easier to crack. You may have had a strong 7-character password a decade ago that would have taken several years to crack back then but now takes a few hours or days to crack.
How can you tell if your password was cracked?
Your password may have been cracked recently without you even knowing it. There are a few tell-tale signs your password has been cracked. For instance, some of your contacts will complain of receiving spam messages from you, you begin receiving failed send receipts, the login location of your account does not match your recently visited locations, and messages appear in your sent folder you did not send. If you suspect anything off with any of your accounts, change your password immediately! Occasionally your Internet Service Provider, email service provider, or social media account advisor will send you a notification of any recent hacking issues and urge you to change your password immediately. When this happens, first check the email address you received the message from and make sure it’s from the actual company and not from a phishing account made to look genuine. For instance, if you receive a Reset Password email, make sure it’s actually from Google and not from an email ending in “@google.chrome.to” for instance. If the email is genuine, make sure you change your password first and then login to check for any recent fraudulent activity in your account.
If you’ve experienced a hack in any of your accounts, you may feel violated and angered. While you may never be able to track down the culprit, you can take this energy and implement better security practices moving forward. Create a stronger password and change it frequently. Best practice for passwords security is to change them every 60 to 90 days and not use any of your previous passwords. Never write down your password, but if you do you can encrypt it so it only makes sense to you. For example, if your password is !TiohvetuL43 and you want to write it down you can write it as !T********43 as long as you remember everything in the asterisks.