We use passwords at all times, several a day, even if you don't realize it because you have them registered or stored so that they start automatically.
To buy, to tweet, to upload photos to Instagram, to connect to teleworking chat, or to save a video in the cloud. And they are not always safe enough. Do you know how long it takes to hack a password?
It will depend on the key you use whether it takes a few seconds or thousands of years.
Due to haste or ignorance, we do not always give the keys to the importance they deserve. Therefore, it is recommended that you pay attention to the times in cracking a password, in finding out it.
You will see the big difference between putting four or five figures quickly or spending a little more time doing something long and complex, something more complete that ensures that our data will not be stolen.
How long does it take to hack a password?
You may think that your passwords are very secure or that no one knows your pet's name, but the truth is that it takes a few seconds to decipher your pet's name, your date of birth, and your parents' anniversary date.
Although it will depend on how it takes more or less to decipher it, unfortunately, most of the keys you have will not take more than a day or two of effort to break them.
The cybersecurity company Hive System carried out in September 2020 a study on the time it takes to break, to crack a password that has numbers, lower case, upper case or all together.
Depending on the number of characters that your signs have and the type of symbols or characters that are in it, it will take more or less.
Some only last a few moments, although if you choose well you may be lucky that it takes a hundred years to decipher it. Of course, it is rare that we choose these keys.
Depending on the document or table created by the Hive System, a number of different colors have been chosen to show the risk of passwords. In each row, we see the number of characters in the key and in each column the type of characters that it includes: only numbers, only lowercase, only uppercase, numbers and uppercase, and lowercase and all the above together.
Thanks to a quick look at the table we can get an idea of what a weak password looks like or which is the most secure. In addition, the company establishes a series of colors to make the study carried out more understandable and visual and the danger of not taking care of the keys:
- In purple, we see the ones that crack instantly
- In red we see the ones that just took a few hours to hack
- In dark orange, it would take between several days to 5 years
- In yellow, between a year and a thousand years
- In green the best ones, the most difficult ones, the ones that would take the longest to crack
If you only use numbers ...
You use them in your passwords regularly: your anniversary, your child's birthday, your parents, your brother. And they are almost always a bad idea.
If you only use numbers in a key, you will need at least 18 digits in total for the key to be minimally secure. And even then you won't get it. With less than 10 figures it will be easily hackable, instantly.
If you have between 11 and 15 figures it can be deciphered in less than six hours in the most difficult of cases. And if you bet on 16, 17 or 18 figures, you can find out in less than a year, just nine months.
Therefore, it is not recommended that you use only figures for your password, even if you put all the dates in a row that you can think of. Even if it is very long, it will be unsafe.
If you only use lowercase ...
Another of the most common is to use only lowercase or letters in the password. Here we get a little more security but not optimal. Yes, you can get a password that takes many many years to find out, although it will have to be very long.
If you use less than seven characters it will be insecure and will be known in an instant. If you bet for less than ten and more than seven it will hardly take an hour to crack.
And if you use eleven or twelve it will take a little longer but it will also be simple: less than three weeks in both cases.
It can be more interesting from 14 characters, even if you only use lowercase: it can take up to a thousand years to find out. Is it the most convenient?
No, normally it is better to combine (as we will see in the next few paragraphs) and if you are going to use only lowercase, think that length is essential and it will not work to put qwerty as a password in your email.
Upper case and lower case…
From here we begin to have more interesting passwords that we can use safely without being overly involved. Of course, not if you use four or five letters to do it. Mixing upper and lower case is highly recommended but if you do it in less than 10 characters you will only get the signs to crack in less than a day. The recommended thing, as we see in the table, is to bet on this combination but with twelve or more characters. The more the better. Although it will not be impossible to crack. No combination of uppercase and lowercase letters will have optimal security for your passwords, although we can make it take 300 years or more to hack passwords. But always without neglecting the basic tips: avoid names that are easy to find out, etc.
Uppercase, lowercase and numbers
Compared to the previous three, here we can make it take a long time to crack a password. It won't do any good if you combine numbers, uppercase and lowercase in passwords of less than eight characters, nor is it useful if you do it with nine or ten.
But after twelve you can make it take more than 2,000 years to do it. Compared to the previous ones, using this combination is completely safe if you want your accounts not to be hacked.
Add symbols
Adding symbols will make it much more secure than all the previous ones. From twelve characters we will make it take thousands of years to hack a password.
As in all the cases explained before, the insecurity remains if you use less than eight characters.
It does not matter if you combine symbols, numbers or upper or lower case if you use only five or six characters because they can hack it in minutes or hours.
As we see in the table, the most “absolute” security will be achieved by adding all the symbols in long keys.
Conclusions
With the previous table, we can reach a clear conclusion: your passwords must be long and you must take care that there is not only one type of character.
The more the merrier. The more types, the more protected. The longer, the more protection. And the combination of both (greater length and greater diversity) will be what prevents cracking a password from taking a few seconds or a few hours.
If you bet on 18 or more and with letters, numbers, and symbols you can get them to take thousands of years to decipher.
Improve key security
The solution is quite simple: take care of your keys, be careful with them, choose well, do not repeat.
There are a series of tips that we can always follow when choosing strong passwords for all the services we have.
Especially for those who may have more personal or private information such as websites or cloud storage services, emails, or bank pages.
The best way to make passwords strong is:
Bet on passwords of twelve characters or more. Normally some services ask for it to be six or more characters but not always and we go to the minimum.
Having twelve or more will ensure that it is more difficult to crack or that they take less time to do so. It is recommended that they belong.
Include lower case, upper case, numbers, and symbols. Normally we include lowercase letters and perhaps a number but it is advisable that we bet on the combination of all the above.
Do not repeat in the different services. If they hack a service and your details are filtered, they will be able to enter the others. It is recommended that we never repeat as we would give you access to much more content.
Don't use personal dates or names that can be found out. The name of your son or daughter, that of your cat, or the date of your birthday can be data that is available to many people or that are easy to find out so it is better to avoid them.
Do not tell anyone your passwords. It may seem obvious but it is important that we bear in mind that access to an unimportant app if you have repeated it, you can give access to bank details.
Use password managers or generators, as we will explain in the next few paragraphs.
Password generators
Password generators are the best ally in these cases. We have many websites or services and applications in which we register every day: shopping, games, emails, social networks ... Having a different password for each of these services and remembering them is difficult.
Not only is it difficult to remember but it is also difficult to think about them differently and to think of options that have nothing to do with our private lives.
In this case, the key generators allow us to create secure passwords and in addition, many of them have services to store and remember them.
A password manager or administrator can be a web or app in which our usernames and the keys of everything we have are stored.
They are usually protected and the information is encrypted so that it is not in danger. You should make sure that they have two-factor authentication or that they allow us to receive notifications if a password has been leaked or if we have already reused it and it is not advisable to use it again on another website.
Generate strong passwords
There are two ways to use them: you can use a password manager to store them and always have them all different and secure at hand, as we have explained in the previous paragraph, or you can simply create strong passwords and decide how to use it.
you remember or save them. If you don't trust or just don't feel like having an app or a website. If you want to write them down in a secret notebook on your home desk (something we don't normally recommend) or memorize them.
In these cases, there are many creators or generators online in which you can choose the type of characters that are added and the length of it. You do not have to register and you will make sure that the key you are choosing is secure enough to use it.
Dashlane is one of the websites that allow you to generate secure keys by choosing the length of the key and what you want to add: letters, digits, and symbols.
Automatically adds uppercase and lowercase letters to create strong signs. You can update as many times as you want and once you are convinced of the one created, just copy it and use it in the service you want.
You will see that if you decrease the length to less than 11 characters the color of the screen changes, ensuring that it is an insecure or insufficiently secure key.
LastPass also allows you to customize the key with some 'extras' over the previous one. For example, you can choose to make it easy to say or easy to read.
You can also choose the length between one character and 50 characters and you can choose whether to add uppercase, lowercase, numbers, or symbols. Once it is, just copy the key to use it in the service you want.
They are not the only password generators on the Internet and you can choose any other that you know but always make sure that the password you are going to use follows the characteristics that we have recommended at the beginning: eleven or more characters and all kinds of symbols, letters or numbers. And never repeat it.
0 Comments