Short passwords FTW

Passwords are a necessary evil. By now, everyone has a stack of passwords and has developed ways of dealing with them. Unfortunately, many people deal with multiple passwords by making them shorter and easier to remember.

This is not good. With simple-to-use “desktop software”, passwords can be cracked in almost no time at all. Below is the time needed to crack your password using a single desktop computer.

[Image: password crack chart]

The scary part is that most password crackers do not use a single computer; they rent server farms, dropping the times by 10X – 100X.

Need a solution? Check out KeePass, a simple-to-use free utility that encrypts your passwords into a single file that can be carried/stored. The time you take to learn a real password manager and use pseudo-random passwords will pay off in the future when your bank account/Hotmail account doesn’t get hacked.
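The arithmetic behind a chart like this, together with the pseudo-random passwords recommended above, as an added example that is not part of the original post. The guess rate is an assumed figure (the post gives none), and the function names are made up for the illustration.

```python
import secrets
import string

# Assumption: guesses per second on one desktop; illustrative, not from the post.
DESKTOP_GUESSES_PER_SEC = 1e9

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def alphabet_size(password):
    """Size of the smallest class-based alphabet that covers the password."""
    if any(all(ch not in c for c in CLASSES) for ch in password):
        raise ValueError("character outside the modelled classes")
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))

def keyspace(password):
    """Candidates an exhaustive search tries for every length up to this one."""
    n = alphabet_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))

def worst_case_seconds(password, speedup=1):
    """Worst-case exhaustive search time; speedup models the rented farm.
    Dictionary words fall far faster than this bound suggests."""
    return keyspace(password) / (DESKTOP_GUESSES_PER_SEC * speedup)

def generate(length=16, alphabet=string.ascii_letters + string.digits):
    """Random password from the OS CSPRNG, the kind a manager stores for you."""
    return "".join(secrets.choice(alphabet) for _ in range(length))

def human(seconds):
    """Render a duration in the largest unit that fits."""
    units = (("years", 31_557_600), ("days", 86_400),
             ("hours", 3_600), ("minutes", 60))
    for unit, span in units:
        if seconds >= span:
            return f"{seconds / span:,.1f} {unit}"
    return f"{seconds:.2f} seconds"

if __name__ == "__main__":
    # Constructed samples: short lowercase, mixed 8 characters, random 16.
    for pw in ("monkey", "Monkey42", generate()):
        row = [human(worst_case_seconds(pw, s)) for s in (1, 10, 100)]
        print(f"{len(pw):>2} chars, alphabet {alphabet_size(pw):>2}: "
              + " | ".join(row))
```

Each row shows the single-desktop time followed by the 10X and 100X server-farm cases.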

I have two clients who have had their email account hacked. It may not seem like a big deal, but the email account had passwords, personal data and was used to send emails to their business clients with links to malware. This caused their clients to become infected with viruses from their email account… Not a good way to impress your clients.

What do you use for your password managing?

  1. #1 by Christopher on June 7, 2010 - 12:57 pm

    Great point! The post title was supposed to be, “Short Passwords, Free the Wookies”.

    Not sure how you knew that but thanks. I will try to use less nerd and more English.


  2. #2 by charlotte on June 7, 2010 - 12:26 pm

    Hi- FYI(haha)- I am a moderate computer user. I am not familiar with all the acronym mumbo jumbo. Did you know there are at least 29 definitions for FTW, from ‘For the World’ to ‘Free The Wookies’? I benefit more from reading just plain old English ‘words’. Thank you! By the way, I love those monkeys.

  3. #3 by anita paulsen on April 25, 2010 - 2:29 pm

    Thank you so much for that chart, I really appreciate that information. I am stunned by the wildly different times it takes to crack a password just by mixing it up and making it longer. I will never use a password less than 8 characters in length again. While I do not have a website or business that depends on the internet, I do a lot online – emailing, shopping, banking, bill paying, etc. – and as you mentioned, this requires a lot of passwords. I used to (gasp!) do just what you said many do to keep it simple and be able to remember them by using the same short simple all lower case password for them all even though I had read it’s not very secure (from the chart looks like it’s not secure at all) and better to have upper and lower case characters and also numbers, and all of the passwords should be different, but how to remember them? I knew it wasn’t good to keep them written down somewhere near the computer (I don’t access the internet with a computer but an MSN TV player) so I didn’t change my pattern until one day when some unauthorized purchases were made on my credit card for online ads. I am shut-in and hadn’t lost my card or used it out anywhere, so I figured it had to be someone who’d cracked my password, which meant he could get in anywhere I had used it! From then on I have used long mixed characters passwords with a different one for each site and I change them every few months or so. After reading your chart I feel really good about their security. Only thing is, how to manage them? That KeePass thing sounds great, very helpful and smart, but since I’m not using a computer I don’t know any other way than to write them down. If I were gone a lot I would find a hiding place for them not near my internet access.
