View Single Post
Old 11-10-2011, 07:35 PM   #1
Lord of Blobs
fourwind's Avatar
Join Date: Apr 2008
Location: The Sunny meadows asylum.
Posts: 319
Default Password strength

Hey everyone, I'm here to clear up a couple things about password strength that have recently been brought up (Steam hack anyone?).

Lets take a look at password strength with this informative comic.

This person has grossly underestimated password strength. No matter how short and easy to remember your password is, if it takes at least 100 years to brute force you should be safe. Also he miscalculated password cracking time...

Granted, correcthorsebatterystaple takes 75,080,000,000,000,000,000,000 years to crack at 100,000 passwords a second, but do you REALLY NEED that kind of protection?

Here is an easy to remember password:
Now, this is two simple words that could easily be guess by a human. Except for the capital letter and number, which make that a mind numbing impossibility.
Now how long does it take a computer to brute force this password at 100,000 passwords a second?

155 million years.
How long does the average human live? 67 years.

I rest my case. No matter how long your password is, short passwords with a slight anomaly (Capital letter, number, symbol) are still far beyond safe.
It's also easier to type.

Last edited by fourwind; 11-10-2011 at 07:35 PM.
fourwind is offline   Reply With Quote