Who doesn’t hate having to create new accounts and passwords for many websites now? To reduce the stress of remembering passwords, most people choose simple combinations that they use for different accounts. But you could be setting yourself up for hacking if you don’t complicate your passwords.
Password safety in years
A recent study by cybersecurity company, Hive Systems, shows that hackers can crack short and simple passwords within minutes. However, complicated ones could take as long as trillions of years to crack even by the most sophisticated hacker, according to CNBC.
You know you’re always prompted to use at least an eight-characters-long combination with a mixture of upper and lower case letters when choosing a password? Well, it turns out, even those are pretty easy to crack - the average hacker could get into the account within eight hours, with fairly basic equipment.
But according to Hive Systems, hackers could spend 438 trillion years getting past a password that’s at least 18 characters long with a good mix of numbers, lower and upper case letters and symbols.
The data was based on how long it would take a consumer-budget hacker to crack your password hash using a desktop computer with a top-tier graphics card.
Generating an 18-character password is not realistically feasible for the average internet user, but the study shows even a password with 11 characters – again, using a mix of numbers, uppercase and lowercase letters, and symbols – could still take hackers 34 years to crack.
You probably know this by now, but it begs repeating; do not recycle passwords for multiple sites. In an ideal world, it makes sense to have one key that all your doors, but once a hacker is able to crack your password for one website, they can access your other accounts, leaving you in a pickle.
Another way to protect your information and accounts online is to allow for 2-Factor Authentication. But even that, Hive Systems says some methods are safer than others. Alex Nette of Hive Systems says:
2FA is the BEST way to protect your most sensitive accounts. Using 2FA options like an authenticator app or a push notification are extremely secure. We don't recommend 2FA options like text messages (SMS) as they are less secure.