Have you asked yourself these questions: What is a special character for passwords, and should your passwords include them? Should your password include both uppercase and lowercase letters? How long to crack an 8 character password?
Keep reading and find answers to these questions in our detailed overview.
Let’s figure out how long it takes to crack or brute-force different passwords depending on their length, character types, and letter case.
So that we’re on the same page, brute-force attack or brute force cracking is a cryptographic hack that relies on submitting all possible password combinations until the correct one is discovered.
Now guess how long it takes to crack an 8 character password, for example, “password”? You know, the answer may surprise you - 0.19 milliseconds. For comparison, the duration of blinking is on average 100–150 milliseconds.
Combining several types of characters (lowercase and uppercase letters, digits, and special symbols) is an extremely effective way to make your password stronger and increase the cracking time from milliseconds to millennia.
The maximum time it would take to crack the password “Password123” equals 41 years. If you add “/” or any other special character, this time increases to 63 thousand years. Impressive, isn't it?
Fun fact: It would take a computer about 7 quadrillion years to crack the password “[email protected][email protected]!” It could be a good example of a strong password… If only we didn’t make it available for everyone to see… Oops...
But, what is more efficient, a short password that combines several types of characters or a long one that consists of letters only? Let’s get this over with!
|8 characters password||10 characters password||12 characters password|
|Lowercase letters only||instantly||instantly||several weeks|
|+ 1 uppercase letter||half an hour||1 month||5 years|
|+ 1 number||one hour||6 years||2 thousand years|
|+ 1 special symbol||one day||50 years||63 thousand years|
It becomes obvious that the longer the password is, the more combinations there are to check and the more time this process takes. Thus, it makes sense to create long passwords. However, we highly recommend you not to neglect password strength and still use different types of characters.
It is also worth mentioning Moore's law. It states that the CPU and GPU double in speed and capability about every two years. Thus, the time to crack a password is also halved. It means that it would take 12 decades today, it would take 6 decades in 18 months, 3 decades in 36 months, and so on.
|Now||In 10 years||In 20 years|
|password||0.19 milliseconds||0.0059375 milliseconds||instantly|
|Password123||41 years||1 year 3 month 10 days||20 days|
|Password123/||63 millennia||1 millennium 970 years||61 years 6 month 20 days|
That’s why you should set up strong and unique passwords and change them from time to time. The recommended frequency of password changes ranges from every 30-90 days to every 1-2 years.
As it was mentioned before, it’s better to create long passwords with different types of characters. But that is not the only rule you should follow.
For instance, the password “John-1984” has 9 characters and consists of uppercase and lowercase letters, digits, and special symbols. But it isn’t strong enough, because it contains personal information.
To create a reliable password and be sure it won’t be compromised, check out these simple tips for creating a strong password.
If you need any help to create a password that meets all security requirements, our reliable password managers with the random password generator feature are at your disposal! Generate strong passwords with ease, immediately save them to the encrypted data storage, and you’ll never wish to create passwords yourself!
It’s very easy! Follow these simple steps and create strong passwords with no hassle:
Try out Passwarden and explore its safety and security features: generate strong passwords with a single сlick and store them in the protected data storage that is always at your arm’s reach!