Following up on my “10 Tips to Prevent Hackers”, I want to put more emphasis on our number one tip – Strong Passwords. The security gained by increasing the length of a password by just one more letter, symbol or number grows at a very, VERY steep exponential rate.
In other words, for every extra digit you add to your password you triple, quadruple or even 5x the different possibilities. The longer the password, the more effort is required to discover it. However, a longer password is also more difficult for users to remember.
So, what if I tell you that a simple password would take a human hacker 580 million years to crack or even a super-computer up to 59 years?! Now, that would be optimum security, wouldn’t it?
Average Time to Discover Password

| No. of Characters | Possible Combinations | Human | Computer |
|---|---|---|---|
| 1 | 36 | 3 minutes | 0.000018 seconds |
| 2 | 1,300 | 2 hours | 0.00065 seconds |
| 3 | 47,000 | 3 days | 0.02 seconds |
| 4 | 1,700,000 | 3 months | 1 second |
| 5 | 60,000,000 | 10 years | 30 seconds |
| 10 | 3,700,000,000,000,000 | 580 million years | 59 years |

This table assumes the possible characters are the letters A-Z and the numbers 0-9. Human discovery assumes one try every 10 seconds. Computer discovery assumes one million tries per second. Also, the “Average time to discover” assumes that the password would be discovered in approximately half the time it would take to try all possible combinations.
Example of Average Time to Discover a Password
Let’s say, for example, that for a one-character password there are 36 combinations consisting of letters A-Z (26 possibilities) and numbers 0-9 (10 possibilities). When we apply the assumption that each HUMAN attempt takes 10 seconds, a human hacker should take 360 seconds or 6 minutes to break the code.
Then we apply the second assumption that the hacker will discover the password exactly half-way through, so they will discover the password in 3 minutes, which is referred to as the “average time to discover passwords.”
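The calculation behind the table, as an added example that is not part of the original post: it recomputes the rows from the stated assumptions and goes beyond them to other alphabet sizes. The function names, the 94-character alphabet (printable ASCII without the space) and the 1,000-year target are assumptions chosen for illustration.

```python
# Assumptions taken from the note under the table on this page.
HUMAN_RATE = 1 / 10          # guesses per second (one try every 10 seconds)
COMPUTER_RATE = 1_000_000    # guesses per second
YEAR = 365.25 * 86400        # seconds in a year

def keyspace(alphabet_size: int, length: int) -> int:
    """Number of possible passwords of exactly `length` characters.
    Each extra character multiplies this by the alphabet size."""
    return alphabet_size ** length

def average_seconds(alphabet_size: int, length: int, rate: float) -> float:
    """Average time to discover: half the keyspace divided by the guess rate."""
    return keyspace(alphabet_size, length) / 2 / rate

def humanize(seconds: float) -> str:
    """Render a duration in the largest unit that keeps the value >= 1."""
    units = [("years", YEAR), ("days", 86400), ("hours", 3600), ("minutes", 60)]
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:,.1f} {name}"
    return f"{seconds:.6g} seconds"

def min_length(alphabet_size: int, rate: float, target_seconds: float) -> int:
    """Shortest length whose average discovery time reaches target_seconds."""
    length = 1
    while average_seconds(alphabet_size, length, rate) < target_seconds:
        length += 1
    return length

if __name__ == "__main__":
    # Rows of the table, from exact keyspace values (the table rounds them).
    for n in (1, 2, 3, 4, 5, 10):
        print(n, f"{keyspace(36, n):,}",
              humanize(average_seconds(36, n, HUMAN_RATE)),
              humanize(average_seconds(36, n, COMPUTER_RATE)), sep=" | ")
    # Constructed comparison: letters and digits (36) against letters of both
    # cases, digits and symbols (94), at the page's computer guess rate.
    for size in (36, 94):
        needed = min_length(size, COMPUTER_RATE, 1000 * YEAR)
        print(f"{size}-character alphabet: {needed} characters for 1,000 years")
```

The computer rate is the page's assumed one million tries per second; pass a different `rate` to see how the required length shifts.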
Exponential Growth – What is it?
Below you can see a visual representation of what I meant by the “exponential growth” earlier. Just by adding one extra digit you open up so many more possibilities and make it much harder for hackers to get into your sensitive files.
As you can clearly see – by just adding one more digit to your 3-letter password you decrease the chance of a “random guess” by such a value that it is almost impossible for a human to hack. I cannot stress enough how significantly your security status improves for every extra digit you add – but don’t go overboard, because you just might forget your next 20-character long password.
Now, Implement & Good Luck!
Hopefully all of that made sense. So, take this into consideration and use as many different digits as possible. Remember you are not limited to just numbers and letters – symbols such as “!@#$%^” are always good for extra unguessable protection.