How Good Is Your Password?

Over recent years I’ve gone from 5 letter passwords, to 6 and 8 letters, to a combination of letters and numbers to my current 12 character hybrid of letters and numbers. Yet no matter how big or strong you think your password is, or how you feel nobody could possibly guess the date of birth of your late great grandmother, or the nickname your best friend’s sister had in primary school – its always good to see how fast that password can be broken.

Password recovery speeds looks at timing for Brute Force attempts on your password… definitely interesting reading! Having studied various security attacks and methods of password protection and encryption, if you find it interesting, you’d do well to give it a read.


  1. Sean April 20, 2006 at 6:17 pm

    It would take a supercomputer 60½ Hours to break my passwords! Thats fucking good!

  2. Dave April 21, 2006 at 7:59 am

    I have a couple of different ‘strength’ passwords but to crack the strongest one you’d have to use the 96 character list and mine is 10 characters long so it’s off the scale! So a very very long time. I’m only guessing but at least 1,000 years.

  3. Pingback: How Good Is Your Password at Dave’s Rants

  4. pb. April 21, 2006 at 9:35 am

    Just did the test on my regular password – 692 years to break, with 218 trillion combinations. I can rest easy. Then again… there is always that one in 218 trillion chance..

  5. Ken April 21, 2006 at 9:46 am

    Sean – 60 1/2 hours… you need a better password! 😉

    Dave and PB – fair play…. a thousand years is pretty good going. Pity there’s no figures for the further growth of the password (i.e. 10 character, 12 character etc.) but even looking at the growth rate up to 8 you’ll likely have no problem with your password being cracks – at least in this lifetime anyway!

  6. Damien Mulley April 21, 2006 at 9:55 am

    14 characters, upper, lower, numbers and symbols.

  7. Dave April 21, 2006 at 11:59 am

    You know what’s really irritating, when you have a good password and the bloody system in work demands that you change it periodically. As if that’s improving security.

  8. Ken April 21, 2006 at 12:13 pm

    and of course, that same system kindly reminds you that you’ve already used that password before meaning that its archiving all your old passwords anyway, no matter how good they are!

    annoying coming up with a good password when you’re perfectly happy with what you’ve got!

    And Damien – good password! Use something along those lines for the certificate encryption…

  9. Dave April 21, 2006 at 1:06 pm

    Whoops that didn’t work this one might though – h/ L8(;Jw0-752[“JJC}*}v(a>

  10. Ken April 21, 2006 at 1:08 pm

    good luck trying to remember a password like that!

    well…. over time, maybe…. but there’s quicker ways I’d rather log into windows!

  11. Neil T. April 21, 2006 at 3:39 pm

    Usually mine are 8 characters with a combination of uppercase and lowercase letters and numbers, so theoreticllay pretty difficult to crack through brute force methods. You just have to be wary of all of the other methods 🙂 .

    The exceptions are my PGP key password, which is 14 characters, and my WPA security key, which is 13 – all lowercase but with numbers.

  12. Sean April 21, 2006 at 6:32 pm

    Are all of them with the top grade though??
    If so wow..
    Im sticking to my password..
    What supercomputer wants to crack my password anyway??
    Its not like I have anything valubale! 😉

Leave a comment

Your email address will not be published.