just one more geek in a sea of austin techies

September 13, 2012

Password Cracking Estimation Tool #SecurityGeek

By now most of us have seen the "password strength" estimators when creating a new account on websites. That's handy but it's not nearly as eye-opening as the "time needed to crack your password" tool over at

Just enter your password -- or, preferably, a password that's similar-to-but-different-than any password you actually use -- and the tool estimates how long it would take a standard PC to crack your password. Although there are a number of advanced password-cracking techniques in common use (such as rainbow tables) the estimate appears to be based purely on the simple brute force method. This means the estimate is actually a best-case scenario -- a real world password cracking attempt is likely to take even less time.

And, yes, that "3 hours" estimate shown in the screenshot *is* the result of me testing a password similar to the passwords I get using my favorite password generation method. Time to rethink my password strategy...

No comments:

Post a Comment