Why your password is to weak

This content originally appeared on DEV Community and was authored by Eelco Verbrugge

Does your password requires at least the following?

• Must be a minimum of 8 characters
• Must contain at least 1 number
• Must contain at least one uppercase character
• Must contain at least one lowercase character
• Must contain at least one special character (!@#$%^&*)

Research recently showed this password is cracked in 39 minutes! Yes... you took a risk for brain damage in order to come up with a password like this or let your password manager did the job en still it can be cracked so so fast.

In 2020 this password was cracked in 8 hours. That's just 12 times slower then what it is now, imagine how fast it will be within the next 2 years from now.

Password on steroids

Best possible way to come up with a password is according to the Diceware-method https://diceware.dmuth.org/

Experts use this to add randomness to the words your password contains. Every 5 numbers you throw in a row belongs to a word. Repeat this process until you have at least 7 words and create a passphrase:

CannonVirtuousMovableUnnerveRectifiedCreasing

Safety vs userfriendly

One problem is this won't be acceptable by our minimal requirements like we said in the beginning. Of course we can add a number and exclamation mark or whatever, but this isn't the best solution.

Also this is pretty harshe to ask everyone to do for "just a password". This also depends on what the value is of what you are trying to secure. But since people are lazy, lets come up with a solution that works for everyone.

What we can do is higher the least minimal of characters used. If you go from 8 to 12, this means it can be cracked in 3000 years(!) in 2022. Still in 2020 this was 34000 years, so what will it be within the next 2 years? But it is at least takes waaayyyy more time to crack and hopefully a hackers decides to target an easier victim.

Source: https://www.hivesystems.io/blog/are-your-passwords-in-the-green?utm_source=tabletext

This content originally appeared on DEV Community and was authored by Eelco Verbrugge

Print Share Comment Cite Upload Translate Updates

APA

Eelco Verbrugge | Sciencx (2022-07-18T10:34:39+00:00) Why your password is to weak. Retrieved from https://www.scien.cx/2022/07/18/why-your-password-is-to-weak/

MLA

" » Why your password is to weak." Eelco Verbrugge | Sciencx - Monday July 18, 2022, https://www.scien.cx/2022/07/18/why-your-password-is-to-weak/

HARVARD

Eelco Verbrugge | Sciencx Monday July 18, 2022 » Why your password is to weak., viewed ,<https://www.scien.cx/2022/07/18/why-your-password-is-to-weak/>

VANCOUVER

Eelco Verbrugge | Sciencx - » Why your password is to weak. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2022/07/18/why-your-password-is-to-weak/

CHICAGO

" » Why your password is to weak." Eelco Verbrugge | Sciencx - Accessed . https://www.scien.cx/2022/07/18/why-your-password-is-to-weak/

IEEE

" » Why your password is to weak." Eelco Verbrugge | Sciencx [Online]. Available: https://www.scien.cx/2022/07/18/why-your-password-is-to-weak/. [Accessed: ]

rf:citation

» Why your password is to weak | Eelco Verbrugge | Sciencx | https://www.scien.cx/2022/07/18/why-your-password-is-to-weak/ |

Please log in to upload a file.

There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.