Modern Hardware Can Generate Billions of Passwords In Seconds - What Can You Do?
Nowadays credential theft through all sorts of attack vectors happens on a daily basis. Exposed, unsecured databases leak passwords, hackers breach even above-average defenses and obtain passwords in bulk, people are scammed and feed their own information in fake login forms as part of clever phishing scams. However, on today's powerful hardware, no small part of password cracking is done through simple brute-force.
Brute-forcing a password means using a powerful processor to generate as many unique combinations of symbols as possible with each cycle and create billions of potential passwords within a minute. This sort of task can be carried out using cloud computing that is not particularly costly in the present day. This means hackers can brute-force an incredible amount of passwords each day, then try feeding them into whatever system they are trying to crack. Of course, many systems have a limit on the login attempts that can be performed per minute and even completely block off login attempts after a set number of unsuccessful logins to prevent this sort of thing.
Despite all that, users choosing passwords should be aware of some general rules of thumb and good practices that should be observed when creating new passwords.
We have covered some of the weakest passwords that are still in use today before. However, it never hurts to go over those rules as a refresher. Here are a few things to keep in mind when choosing passwords:
Never choose single words
Apart from the obvious fact that a shorter password will be much easier to crack, single-word passwords are easy to crack for a number of other reasons. Keeping a password to just letters severely limits the possible combinations. The term "password space" is used to denote the total number of unique combinations that can be generated from an alphabet or a limited set of characters. With just 26 letters in the English language alphabet, the number of unique combinations of those letters in a single word is extremely limited.
Mix uppercase and lowercase letters
When you throw upper and lowercase letters in the mix, your password space is suddenly multiplied many times over. The introduction of variable case for each letter allows for much more flexibility when generating your password.
Mix digits and symbols together with your words or letters
To truly make the most out of your password and maximize security, you should consider adding a seemingly random mix of symbols (such as the asterisk, ampersand, number sign, exclamation mark, question mark, round or angle brackets, etc.) to your password string. The unpredictable position and type of those special characters in your password string takes the expanded password space you already had with upper and lowercase letters and raises it to a truly mind-boggling amount of possible combinations that goes well beyond the trillions.
Of course, keeping track of a large number of complex passwords can be a serious headache. Password management tools such as Cyclonis Password Manager can help a lot in keeping everything stored securely and easily accessible with minimal hassle, as well as help with the generation of strong password symbol combinations.