How Strong Is Your Password?
The Brute Force Calculator [via gHacks] analyzes your password and tells you how long a brute force attack on it will take. You don’t need to actually give your password out; you just enter how many upper case letters, lower case letters, numbers, and special characters it has. While the results can’t necessarily be taken literally, it still makes for some interesting comparisons.
You can brute force your way through a password of five random characters in only 0.03 hours. Six character passwords take 2.5 hours. Seven characters take 9.8 days. Eight characters take 924 days.
If you only use lower case characters, a brute force attack on an eight character password will take less than an hour.
So how do you create a strong password? Based on these numbers, you should have at least eight characters, and they should be random. Some places enforce the randomness by requiring that your password has both upper case, lower case, numbers, and special characters in them. While they can be difficult to come up with, to remember, and to type, they certain make your password more secure.
One way of creating such secure passwords is to take a line of a song or a poem you know (for example, “Lucy In The Sky With Diamonds”) and rewrite it by abbreviating words and using Leet (for example, “Lucy|t5w/D”). In fact, you could argue that “Lucy” should not be part of the final password as it makes the password prone to dictionary attacks. At any rate, this password certainly beats the most common passwords when it comes to security.
Comments
Comment from PawEng
Time November 12, 2008 at 6:56 pm
Louise, using a whole sentence as your password is an excellent idea. As you correctly mention on your passpack.com website, long passwords are more secure than short ones. The downside is that longer passwords are more cumbersome to use — unless, of course, one uses a password manager such as Passpack 
Comment from louise
Time November 14, 2008 at 5:59 am
@PawEng Thanks for the Passpack plug : ) I am glad you took a look at the blog and hope you found it helpful.
Longer usually does seem more cumbersome but I’m not sure if this is entirely true when it comes to passwords. At least for me, it’s easier to remember the password ‘rainy days usually make me sad’ rather than ‘r1d9u3m0m#s’.
And I for one have a horrible memory : )
Louise
Comment from louise
Time November 12, 2008 at 8:45 am
Why not make the line of your favorite song, your actual password?
Here’s a post from our blog on why longer is stronger when it comes to passwords:
http://tinyurl.com/yqebur
Louise (Passpack : )