Follow us on Twitter Follow us on Facebook
September 26, 2023
You are here : What's New  >  News

News & Information from Jackson County

Latest News

How to crack a password in seconds

  • 11 August 2020
  • Author: Anonym
  • Number of views: 2895
How to crack a password in seconds

Weak passwords can be cracked in seconds.  Strength depends on 3 factors:

  1) Length  (longer = stronger)

  2) Complexity  (diversity = strength)

  3) Uniqueness  (Unique = not weak)

For example, a numeric-only, 10-character passcode can be cracked in just 40 seconds using easily available password-cracking tools.  But adding just 2 characters can increase time-to-crack by ninety-fold, from 40 seconds to an hour. 

Likewise, using a diverse mix of character types makes a password much, much stronger.  Simple passwords can be broken relatively quickly, but a complex password that includes a combination of numbers, upper and lowercase letters, and symbols take much longer to crack. 

But watch out!  A long, complex password can still be cracked in seconds if it is too common.  For example, complex passwords like "Passw0rd$" or "GoBeavers!" are hard to crack using brute-force mathematical algorithms, but are still easily guessed because they are so common.  Hackers have lists of millions of previously-used passwords, and will try every word in the dictionary before before resorting to brute-force math.  If your password is unoriginal, your account may be vulnerable.  It pays to think different.

Uniqueness is important in another sense, too.  If you use the same password for all your accounts, a hacker who steals or guesses your single password has the keys to your entire kingdom.  Setting a different password for each of your accounts will greatly limit the damage a hacker can do.  

To keep your online accounts safe, be sure to choose passwords that are long, complex, and unique.

For even greater security, enable MFA (aka 2-Factor or Multi-Factor Authentication) when available.  MFA is similar to requiring two keys to open a safe deposit box.  Many companies use SMS text codes sent to your cell phone as the second key.  With MFA enabled, even if an attacker does obtain your password, they only have one of the keys needed to access your account. 

One last tip: If someone has access to your email account, they can use it to reset the passwords on your other accounts using the "forgot password" option. For this reason, your email password is your most important password of all, so make it strong and keep it secret!  


For more info:  The CISA guide to strong passwords



County Close-Up


«September 2023»