Never use short passwords of 8 characters or less

Why you should never use short passwords with 8 characters or less

Amount of time to crack short passwords of varying length
Amount of time to crack short passwords of varying length

Short passwords of 8 characters or less consisting of every possible type of keyboard character are easily cracked by modern computer setups that have been built for that specific purpose.

The strongest short passwords that have 8 characters or less have a finite number of combinations

The strongest short passwords that have 8 characters (or less) using every type of character – upper case and lower case letters, numbers and all of the other characters on a keyboard – have a finite number of combinations, measured in quadrillions, have been cracked by an array of servers running the Linux operating system on five computer servers, an array of 25 graphics cards and password-cracking software, trying every possible combination, working at an astonishing 350 billion guesses a second, in around 5.5 hours. Depending, of course, on how lucky the software is or how weak the password is.

If short passwords are weak, such as a words in a dictionary, they will be cracked in seconds or minutes because the software hacking tool uses a dictionary of every word ever used, probably starting with eight-letter words and working backwards to seven-letter words, six-letter words, etc.

The kind of computer setup that can crack the strongest eight-character password quickly

The kind of computer setup that can crack the strongest eight-character password in 5.5 hours and most of the eight-character passwords that users employ in minutes is impressive and expensive but affordable to computer hackers and cyber criminals who have stolen huge amounts of money from the bank accounts of people who have been persuaded or tricked by phishing emails to give them their login information.

There are websites that require logging into that only require eight-character passwords consisting of only upper and lower case letters and numbers that refuse the use of the other keyboard characters. These sites should be avoided due to the ease with which they can be hacked.

The longer and more diverse the password is in characters, the harder it is to crack. A diverse fifteen or sixteen-character password would take years to crack by the same computer equipment that takes 5.5 hours to crack any eight-character password. The higher and the more diverse the number of characters, the more possible combinations and the longer it would take for a computer setup to try every possible combination until it finds the password being used.

If a website’s passwords have been hacked, never just change a single character or add and extra character

You should NEVER just change a password by changing a single character or number, because if hackers have the original password, their hacking tools are set to try changing a single character or number or adding a single extra character, such as an exclamation mark. In other words, if hackers are discovered to have hacked into a password database for a website, ALWAYS change the entire password, not just a bit of the original password. And never use the same password on multiple websites.

The following article is worth reading. The man’s advice still stands. he just warns web users not to change passwords the databases of which have been hacked by merely changing a single character or adding a new character, because hacking tools exploit the fact that most people change passwords in that way.

Always remember to use a unique password for every website

Always remember to use a unique password for every website.There are many websites that create strong passwords. To find them online just use a web-search query such as: strong password generator.

Best password managers

I use sixteen-character passwords and use a password-manager. The web-search best password managers finds them.

The link below takes you to the information page of a good well-known free one called RoboForm. You just have to remember a single master password that encrypts all of the passwords it remembers. It creates a drop-down menu on your web browser’s taskbar containing the names of the sites the passwords of which you have made it remember. Read the user reviews.

RoboForm – how it works –

Should your computer pack in irrecoverably, you can always use the “Forgot password?” link which every site provides allowing you to reset your password by sending an email to your registered email address.

Other posts on passwords on this website

  1. Password recovery – Recover or reset passwords for Windows – OS X – iOS – Android and Linux devices
  2. Many Google Android devices are  easily hacked
  3. How best to make a wireless Wi-Fi router network secure
About Eric 275 Articles
I am an experienced PC technician who has been the owner and sole writer of the PC Buyer Beware! website since 2004. I am learning all the time in this very dynamic, ever-changing field.