How Secure is Your Password?

October 16, 2009
by Xcentric

You’ve probably heard about the importance of having a ‘strong’ password, and may even have an enforced password policy at work.  But what difference does using capital letters, numbers and symbols really make?  Actually, A LOT, and your security could depend on it.

Did you know that an eight character password that is all lowercase letters would only take about 2.4 days to crack?  That’s how long it would take the average hacker’s computer to process through every possible password combination for those 8 letters.  That’s scary!  But, the good news is that just adding a CAPITAL letter and an *asterisk* would lengthen the time for that same computer to process through all the possible password combinations to 2.1 centuries.  That’s more like it!

Basically, with today’s technology, it’s only a matter of time before a computer runs through all of the password possibilities for a given number of characters, or gets shut down trying.  That’s why making sure your passwords are strong enough is so critical.

Here’s a look at how long it would take the average computer to run through every possible password for a given number of characters (link):

| Password Length | All Characters | Only Lowercase |
|---|---|---|
| 3 characters | 0.86 seconds | 0.02 seconds |
| 4 characters | 1.36 minutes | .046 seconds |
| 5 characters | 2.15 hours | 11.9 seconds |
| 6 characters | 8.51 days | 5.15 minutes |
| 7 characters | 2.21 years | 2.23 hours |
| 8 characters | 2.10 centuries | 2.42 days |
| 9 characters | 20 millennia | 2.07 months |
| 10 characters | 1,899 millennia | 4.48 years |
| 11 characters | 180,365 millennia | 1.16 centuries |
| 12 characters | 17,184,705 millennia | 3.03 millennia |
| 13 characters | 1,627,797,068 millennia | 78.7 millennia |
| 14 characters | 154,640,721,434 millennia | 2,046 millennia |

With that said, it’s a good idea to set up an enforced password policy at work, if there isn’t one in place already.  Here’s a sample policy that requires users to change their login password every 90 days and to choose passwords that meet the following set of complexity requirements:

  • Passwords may not contain all or part of the user’s account name
  • Passwords must be at least 8 characters in length
  • Must contain characters from 3 of the following 4 categories:
    1 – English uppercase characters (A through Z)
    2 – English lowercase characters (a through z)
    3 – Base 10 digits (0 through 9)
    4 – Non-alphabetic characters (for example, !, $, #, %)
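
One way to check a candidate password against the complexity rules of the sample policy above, as an added example (not code from the original post); the 90-day expiry is not covered. The three-character threshold for "part of" the account name and the sample accounts and passwords are assumptions, since the post does not define them.

```python
import string

MIN_LENGTH = 8            # from the sample policy
REQUIRED_CATEGORIES = 3   # "3 of the following 4 categories"
MIN_NAME_FRAGMENT = 3     # assumption: the post does not define "part of" the name


def categories_used(password):
    """Return which of the policy's four character categories appear."""
    checks = {
        "uppercase": lambda c: c in string.ascii_uppercase,
        "lowercase": lambda c: c in string.ascii_lowercase,
        "digit": lambda c: c in string.digits,
        # Digits are already category 3, so "non-alphabetic" is read here
        # as anything that is neither a letter nor a digit.
        "symbol": lambda c: not c.isalnum(),
    }
    return {name for name, test in checks.items() if any(test(c) for c in password)}


def contains_name_fragment(password, account_name, min_len=MIN_NAME_FRAGMENT):
    """True if any min_len-character run of the account name is in the password."""
    pw, name = password.lower(), account_name.lower()
    if len(name) < min_len:
        return False
    # Any longer shared run also contains a shared run of exactly min_len.
    return any(name[i:i + min_len] in pw for i in range(len(name) - min_len + 1))


def check_password(password, account_name):
    """Return the list of policy violations; an empty list means it passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if len(categories_used(password)) < REQUIRED_CATEGORIES:
        problems.append("too few categories")
    if contains_name_fragment(password, account_name):
        problems.append("contains account name")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs, all for a hypothetical account "jsmith".
    for pw in ["password", "abc1", "Smith2009!", "Tr33-house", "Password1"]:
        print(f"{pw!r}: {check_password(pw, 'jsmith') or 'OK'}")
```

Note that `Password1` passes every rule: the policy enlarges the space an attacker has to search, but it does not by itself reject commonly chosen passwords.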

