By now most of us have seen the "password strength" estimators when creating a new account on websites. That's handy but it's not nearly as eye-opening as the "time needed to crack your password" tool over at howsecureismypassword.net.Just enter your password -- or, preferably, a password that's similar-to-but-different-than any password you actually use -- and the tool estimates how long it would take a standard PC to crack your password. Although there are a number of advanced password-cracking techniques in common use (such as rainbow tables) the estimate appears to be based purely on the simple brute force method. This means the estimate is actually a best-case scenario -- a real world password cracking attempt is likely to take even less time.
And, yes, that "3 hours" estimate shown in the screenshot *is* the result of me testing a password similar to the passwords I get using my favorite password generation method. Time to rethink my password strategy...
No comments:
Post a Comment