How Pathetic Is Your Password?
Tue Apr 4, 2006 1:36PM EDT
Think putting a "1" on the end of "daisy" is going to stymie crackers intent on breaking your password? Turns out that with a reasonably up-to-date computer, a dedicated hacker should be able to break it, by brute force, in about an hour and a half.
Lockdown.co.uk has a
handy document that shows just how secure your password really is, based on its length and the type of characters you use in it (all numbers, letters and numbers, uppercase/lowercase, special symbols, etc.).
Think about your most common passwords, then visit the site. You'll be most interested in the results for a "Class D" attack, which represents somone with a single, very fast PC. (Class E and Class F represent multiple PC attacks and aren't as likely to be involved with someone trying to break into your eBay account.)
As an example, the site notes that a password like "darren" would take all of 30 seconds to break. "Land3rz" would take 4 days. And "B33r&Mug" would take 23 whopping years.
Key to great security isn't just length, but adding in non-traditional characters, too: A great password should be eight characters long (or more), and include at least one number, one uppercase letter, and one special character like an ampersand. To make it easy on yourself, try using the same button on the keyboard in both lower- and uppercase versions. For example: "JjKkIi*8" requires you only hit four different keys (plus Shift), and they're all clustered in a tight group.
