How Many Characters You Should Use for Strong Password
by Hiroshi on March 25th, 2010
Password complexity is important because it makes password strong. A strong password takes 1.8 million years to be hacked if hacker use brute force attacks. For brute force attacks, assuming 10,000 password attempts per second, the length and character set of the passwords can make a big difference. You should use atleast 9 characters long password containing uppercase, lowercase, digits and punctuation. That password will be so strong that it can not be hacked in one million years of continuous brute force attempts according to the following table.
Lower Case (26 letters) | Uppercase, Lower, Digits (62 characters) | Uppercase, Lower, Digits, Punctuation (62 characters) | |
Length = 5 characters | 19 minutes | 1 day | 8 days |
Length = 6 characters | 18 hours | 65 days | 2 years |
Length = 7 characters | 9 days | 11 years | 200 years |
Length = 8 characters | 241 days | 692 years | 19,000 years |
Length = 9 characters | 17 years | 42,000 years | 1.8 million years (STRONG) |
Also read: How to choose a strong password
Topic: Security, Tips & Tricks, Security News
Tags: Security, tips, hacker, password, attack, brute force