Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Short passwords 'hopelessly inadequate', say boffins

17 Aug 2010   #1

Win 7 Ultimate 64-bit. SP1.
Short passwords 'hopelessly inadequate', say boffins


The availability of password-cracking tools based on increasingly powerful graphics processors means that even carefully chosen short passwords are liable to crack under a brute-force attack.

A password of less than seven characters will soon be "hopelessly inadequate" even if it contains symbols as well as alphanumerical characters, according to computer scientists at the Georgia Tech Research Institute. The security researchers recommend passwords at least 12 characters long.

The number crunching abilities of graphics processors were recently applied to commercial password auditing and recovery tools from Russian developer ElcomSoft. It's a safe assumption that black hats are able to use the same type of technology for less laudable purposes. Richard Boyd, of the Georgia Tech Research Institute, told the BBC that the number-crunching capacity of graphics cards compares to those of supercomputers built only 10 years ago.

More -
Short passwords 'hopelessly inadequate', say boffins • The Register

My System SpecsSystem Spec
17 Aug 2010   #2

Windows 7 Home Premium x64

If my 21 digit alpha numeric passwords are inadequate, then I think somethings terribly wrong .
I used to have a habit of using short passwords like you just suggested not doing . Then my website got hacked and that was lesson learnt. Moral of the story, don't overreact and use super long passwords or very short ones .
My System SpecsSystem Spec
17 Aug 2010   #3

Windows 7 Home Premium 64 bit

12, 21. Would it really make any difference with current technology. If they want to get in they will. It'll just take a few milliseconds longer surely?
My System SpecsSystem Spec

17 Aug 2010   #4

Windows 7 Professional x64

Quote   Quote: Originally Posted by johnwillyums View Post
12, 21. Would it really make any difference with current technology. If they want to get in they will. It'll just take a few milliseconds longer surely?
By brute force, it would take around 1.75 times longer to crack a 21 alphanumeric password compared to a 12 alphanumeric password.

If people remember combinatorics from middle school, they would know that using a password with only alpha characters can substantially cut down the time required to crack a password. For example:

A 12 letter password using only alpha: 12*26! combinations or 4.8*10^27
A 12 letter password using alpha and digits: 12*36! combinations or 4.5*10^42

By mixing in numbers to your password, you increased the number of possible combinations by ~937,500,000,000,000 times.
My System SpecsSystem Spec
17 Aug 2010   #5

Windows 10 Pro x64 x3, Ubuntu

There are four character groups that should be included in strong passwords

Lower case letters
Upper case Letters
& Symbols

with a 12 character passwords the combinations do grow substantially

Even the simple "password" is harder to crack when it's "pA$sw0rD"
My System SpecsSystem Spec
17 Aug 2010   #6
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Use a 'made-up' phrase or sentence for a password, being sure to mix it up.
My System SpecsSystem Spec
17 Aug 2010   #7

Windows 7 Home Premium x64

I use an alphanumeric password, but it's a far cry from exceeding 12 digits. I do have a much longer numeric key that I use for super sensitive stuff. Personally, there should be no digit minimums on passwords (like sites that say at least 6 characters, or whatever), because that just serves to narrow down the number of possibilities a bruteforce hacker has to try. For example, security people say hackers often try dictionary words first. If a site requires you to have at least a 6-character password, then that eliminates all the words in the dictionary that are five letters or less (which REALLY narrows it down).

I think the best an average Internet user can do is a) choose a password that is both letters and numbers (and symbols if you like), b) choose a password that is not directly associated with your identity (no family members' names, no friends' names, etc), and c) never EVER let anyone hear/see anything about your password, not the length, not the subject, not a hint, NOTHING. By doing so, you will drastically reduce someone's chances of hacking it. Even telling someone how LONG your password is only serves to radically lower the number of tries it would take them to get in.
My System SpecsSystem Spec
18 Aug 2010   #8

Windows 2000 5.0 Build 2195

Awww. I only have like 6 characters as a password. Makes remembering easier. Gee.

And my password is: ツღ金Ƹ̴Ӂ̴Ʒ
My System SpecsSystem Spec
18 Aug 2010   #9

Windows 7 Ultimate 32 bit

Passwords are like locks; they don't deter the determined.
My System SpecsSystem Spec
19 Aug 2010   #10

Windows 10 Pro x64 x3, Ubuntu


I prefer to think of them more like car and house alarms - they tend to stop the opportunist thief, and even the more determined is more likely to move along to the next more easily accessable target.

One other thing I tend to do is not advertise - full stealth on systems means that as far as the outside world is concerned my system does not exist. To use the above analogy - I draw the shades when I'm not at home
My System SpecsSystem Spec

 Short passwords 'hopelessly inadequate', say boffins

Thread Tools

Similar help and support threads
Thread Forum
Backup space inadequate error and sytem reserved issues linked?
Trying to set up a regular backup routine as I recently had to completely re install everything after a crash. However, now getting error message saying that space is inadequate on backup drive. Have also now noticed I seem to now a have a separate "System reserved" section on my primary drive? Can...
Backup and Restore
desktop short cut, log off?
how do u make desktop short cut of log off?
General Discussion
Inadequate Hardware?
I'm buying the Windows 7 Pro x64 version and I want to make sure my Specs are on the up-in-up. Now I know that both my motherboard and cpu are capable of running x64 bit versions of Windows, but my main concern is with the small stuff. Some users find that there are small graphical errors in the...
Hardware & Devices

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 13:56.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App