A few seconds is all it takes for a hacker to crack your password, provided it’s less than 8 characters long. Naturally, the longer and more complex your password, the more difficult it will be for a cybercriminal to decode it. Here’s an update on the subject!
Is it possible to hack a password?
Are passwords necessarily easy to crack? This is the main criticism levelled at passwords, even though they have been used for many years to protect our various online accounts. Passwords are often criticized for being easy to crack, but it’s worth pointing out that they’re not all in the same boat. Of course, if you opt for a simple numerical sequence to protect your accounts (123456 for example), it will be very easy for a hacker to steal it. On the other hand, the more complicated a password is, with a combination of letters, numbers and symbols, the less easy it will be to decipher. Having a fallible password policy is a common vulnerability in penetration testing, and a simple adjustment of standards could avoid many problems.
A company specializing in IT security systems has conducted a study on the subject. The aim: to share best practices in this area, in order to achieve passwords that are difficult, if not impossible, for hackers to recover. The study also highlighted the time needed for a cybercriminal to find a password, assuming that all he has at his disposal is a desktop computer with a basic graphics card.
Strong password = at least 11 characters
The main revelation of the Hive Systems study is that 8-character passwords – the minimum required by most sites – will be a boon for hackers in 2023. In fact, the study reveals that this type of password can be recovered in a maximum of 5 minutes, or even much less if the password in question consists solely of numbers, lower-case letters or is less than 6 characters long.
The same study also paints a picture of what a strong password looks like. The main condition for a strong password? The password must be at least 11 characters long. It must also alternate numbers, symbols and letters (upper and lower case). Despite this, the password will not necessarily be infallible, but it will give the hacker who wants to recover it a lot of trouble: the study estimates that it will take him almost 3 years to hack it. That’s a long way from the 5 minutes claimed above…
17 characters for maximum security
Still according to the Hive Systems study, the only way to discourage a hacker from decrypting your password is for it to be at least 17 characters long. According to the calculations of the authors of the study in question, it would therefore take the hacker almost 380 billion years to succeed. The bad news is that it’s getting easier and easier for hackers to steal passwords. The proof? While it took 8 hours for a hacker to find an 8-character password (uppercase and lowercase letters, numbers and symbols) in 2020, by 2023 this had dropped to 5 minutes!
