02 July, 2010

How To Generate 'UnCrackable' Passwords

Since we are now spending more time online and logging in on several sites it has become necessary to have such strong passwords that cannot be cracked. Passwords must be really difficult to guess but easy to remember by the user.
A little insight and HowSecureIsMyPassword.net can help us a lot in this matter. HowSecureIsMyPassword.net can tell you how secure your password is and how long it will take to crack it.
Using this website's data I calculated the time required to crack some (standard) passwords. The result is shown in the table:

s. no.passwordtime to crack
1abcdefgh~ 5 Hours
2abcdefghij~ 163 days
3ABCDEFGHIJ~ 163 days
4Abcdefghij~ 458 Years
5Abcdefgh12~ 2000 Years
6Abcde@1234~ 17000 Years

The conclusion is :

1. Password strength increases with increase in number of characters.
2. Password strength remains same if the same letters are used in UPPERCASE or lower case.
3. Notice that the addition of a single capital letter 'A' increased the password strength from 163 days to 458 years.
4. In the fifth case two alphabets were replaced by two numerals which resulted in increase of password strength by nearly 5 times.
5 Adding only one special character increased the password strength 8 times.

A password with 10 characters having a mix of numerals, alphabets and special characters will take 17000 years to be cracked.
Taking in account all these factors we can say that a really strong (and nearly uncrackable-assuming that human life is shorter than 17000 years ) password is one which has:

1. at least 10 characters
2. a mix of lower case and CAPITAL letters, numerals and special characters.
3. it should not have a complete word-a random mix of word is the best.
4. a replacement of word with numerals like small case L with numeral '1' or zero (0) with alphabet (o) may increase the password strength several folds.
5. it must be easy to remember but difficult to guess.

No comments:

Post a Comment