Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Many Seconds Would It Take To Crack Your Password?

Posted by samzenpus on from the guessing-game dept.

DillyTonto writes "Want to know how strong your password is? Count the number of characters and the type and calculate it yourself. Steve Gibson's Interactive Brute Force Password Search Space Calculator shows how dramatically the time-to-crack lengthens with every additional character in your password, especially if one of them is a symbol rather than a letter or number. Worst-case scenario with almost unlimited computing power for brute-forcing the decrypt: 6 alphanumeric characters takes 0.0000224 seconds to crack, 10 alpha/nums with a symbol takes 2.83 weeks."

22 of 454 comments (clear)

  1. Huh. by Anonymous Coward · · Score: 5, Funny

    I wonder if he's caching every string entered into a dictionary file...

    1. Re:Huh. by chill · · Score: 5, Funny

      Mine is huge but then again I found an easy way to get a huge password...anybody seen how big the serial is on your average bass? Its got uppercase, lowercase, numbers and symbols and its pretty long and since I know my babies and never sell them its a pretty easy set of long passwords to keep up with.

      If I ever catch a bass with a serial number, I'll give up fishing. Do you work in some genetics testing lab or something?

      --
      Learning HOW to think is more important than learning WHAT to think.
  2. Ha! by 2.7182 · · Score: 5, Funny

    That's silly. I just use my SS#. That has a LOT of digits. Who is going to guess that?

    1. Re:Ha! by agentgonzo · · Score: 5, Funny

      "SS#" is a rubbish password with just three characters. It takes only 0.00000209 seconds to crack it according to the tool.

    2. Re:Ha! by flyingfsck · · Score: 1, Funny

      The USA/Canada SS is a bit short, but using a credit card number as a password would be much better. It is pre-printed on a sturdy piece of plastic, always handy in your wallet and you can easily get a new one by telling your bank that some dodgy web shop got compromized...

      --
      Excuse me, but please get off my Pennisetum Clandestinum, eh!
    3. Re:Ha! by TeknoHog · · Score: 4, Funny

      "my SS#" my #ss.

      --
      Escher was the first MC and Giger invented the HR department.
    4. Re:Ha! by ciderbrew · · Score: 5, Funny

      You had your #ss cracked ages ago...



      really no need for that :)

    5. Re:Ha! by rolfwind · · Score: 5, Funny

      Really? Mine takes much longer than that. You should post it. Don't worry, it will appear as ***-**-*** on our screens just like mine did on yours just now. I just want to copy and paste it in the Steve Gibson's Interactive Brute Force Password Search Space Calculator to verify what you said.

    6. Re:Ha! by Anonymous Coward · · Score: 5, Funny

      hunter2

    7. Re:Ha! by Anonymous Coward · · Score: 2, Funny

      Mine you will never guess:

      password' ; EXEC sp_MSforeachtable @command1 = "DROP TABLE ?"; --

    8. Re:Ha! by TeknoHog · · Score: 4, Funny

      So that's why you call it the pound sign.

      --
      Escher was the first MC and Giger invented the HR department.
  3. Has anyone actually doublechecked his security? by Bananatree3 · · Score: 4, Funny

    Not to be suspicious, but "doublecheck you password strength! Just enter your passwords below...." even from a relatively trusted source is a little tough to trust....

  4. Re:Almost Unlimited? by TwentyCharsIsNotEnou · · Score: 4, Funny

    If the computing power was "almost unlimited" you could crack any password you want since it is essentially unbounded in its parallelism.

    Well, almost any password.

  5. Re:Websites by Gideon+Wells · · Score: 5, Funny

    My one bank does that. It irks me to no end. Kind of like an unmatched (.

    --
    by Anonymous Coward: I, for one, welcome the shift from car analogies to pizza analogies. um.. overlords?
  6. Re:Websites by SJHillman · · Score: 5, Funny

    )

    You're gonna break stuff if you keep leaving unmatched (

  7. Re:Websites by Anonymous Coward · · Score: 5, Funny

    )

    Fucker.

  8. Re:Link by Sarten-X · · Score: 3, Funny

    Link in link form.

    --
    You do not have a moral or legal right to do absolutely anything you want.
  9. Re:Websites by kahless62003 · · Score: 5, Funny

    c-c-c-combo breaker!)

  10. Post-it by jmccue · · Score: 5, Funny

    Well I entered in "Go to my office and look at the post-it on my terminal" and it said that will take "4.97 hundred billion trillion trillion trillion trillion trillion trillion centuries"

  11. Microsoft... by Anonymous Coward · · Score: 0, Funny

    While this is true, Microsoft only uses the first 8 characters.
    So long passwords are pointless on Microsoft products.

    CAPTCHA = pictures

  12. Password checker? by Scutter · · Score: 1, Funny

    Soooooo....enter your password into this completely legitimate and not-at-all-a-harvesting-tool password checker and we'll tell you if it's secure?

    Ima get right on that.

    --

    "Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
  13. Re:Websites by phantomfive · · Score: 3, Funny

    Whatever, fix this )

    --
    "First they came for the slanderers and i said nothing."