Including numbers, symbols and letters in your password can reassure you that your online accounts are secure.
However, cyber security experts have warned that hackers can instantly crack a six-character password that contains all of these attributes.
New research from Hive Systems shows that hackers can crack your password in seconds – even if it’s longer than 10 characters.
That’s up to eight times faster than last year, which researchers attribute to technological advances.
“The time has finally come when passwords themselves are no longer secure,” said Alex Nett, CEO and co-founder of Hive Systems.
Including numbers, symbols and letters in your password can reassure you that your online accounts are secure. However, cyber security experts have warned that hackers can instantly crack a six-character password that contains all of these attributes (stock image).
“With the use of artificial intelligence tools and hardware readily available, it has never been easier for hackers to access our personal data. Without additional protection, I don’t think we can consider our data safe.
Research has found that number-based passwords are the most vulnerable and can be easily cracked by hackers if they are four to 11 characters long.
Also, it would take hackers just one second to crack a 12-digit password, while cracking an 18-digit password would take just under a week.
Lower-case passwords were slightly more secure, but not completely, and four- to eight-character passwords were instantly cracked as well.
And while it only took 30 minutes to crack an 11-letter password, adding seven more lowercase letters takes more than 480,000 years to create.
The most secure passwords were those containing a combination of numbers, symbols and various capital letters.
If they were four to seven characters long, they could be cracked instantly, but a 12-character password would take 226 years to crack.
According to Hive Systems, adding an extra six characters to that password would take hackers 26 trillion years to crack.
Hackers can now crack complex passwords eight times faster than last year, findings show (Using MD5, there’s a generator)
ESET Global Cyber Security Advisor Jake Moore added that using different passwords for each website is another way to protect yourself from cybercriminals.
He said: “Cybercriminals roam the dark web looking for these lists of hacked usernames and passwords in the hope that they can hack other accounts belonging to the same username using the same matching password.
“That’s why it’s so important to never use the same password twice.
“Furthermore, if people use the same password for many years, or with a simple change such as numbers at the end, they are effectively handing over the keys to their valuable data and even financial accounts to hackers.”
Hackers crack passwords using brute-force attacks, a trial-and-error approach to verifying potential usernames and passwords.
While this may sound like a tedious process, graphics cards can speed it up thanks to popular applications like Hashcat.
Hive Systems advocates that formal identity verification should be more widely used online to protect accounts and personal data.
They also recommend using password managers, but even those are becoming less secure as technology advances.
Last year, a 12-character password created by a reputable password manager could take up to 3,000 years to crack, but that has now been reduced to 226 years.
“Strong and unique passwords are not very strong anymore,” said Corey Nesky, vice president of quantitative risk at Hive Systems.
“A combination of a password manager that generates long, complex passwords and using multi-factor authentication is the best way to reduce risk.”
Mr Moore also added: “Passwords need to be long and unique, but they need to be coupled with multi-factor authentication, which means that if a hacker were to brute force your password or spoof it from you, they’d still need your device, one-time code or your biometrics to access your account.
“Using a password manager means you don’t have to remember the ridiculous amount of passwords we all need to have any kind of presence on the internet. You no longer have to use the same password everywhere or forget facts like your dog’s name or your child’s birthday.
#Cybersecurity #Expert #mistakes #hackers #crack #passwords