Do you have such a password? The hacker will guess them instantly. We know how to make it take forever

Even a seemingly strong password can be cracked in just a few minutes or several seconds. It is enough that it will consist only of letters. Adding one digit to the string of characters also won’t do much. A skilled hacker can crack an 8-character password containing uppercase and lowercase letters and at least one number in just an hour.

Password too strong to be cracked. You have to wait tens of thousands of years

Of course, cybercriminals are increasingly resorting to trickery to take over someone else’s login details, e.g. to social networking sites or a bank. No wonder, then, that the Polish Internet is constantly flooded with new waves of phishing attacks (a method of impersonating well-known companies or institutions). Still, the primary method of getting into someone else’s account is to crack the password. Of course, hackers do not enter the combination themselves, but they use programs that check all possible combinations to guess the correct one (the so-called brute force attack).

In this case, password strength is key. The computer needs some processing power and time to find the correct one. Thousands of combinations are checked, which is why passwords containing common words, characters set in a specific order or combinations consisting only of lowercase letters are cracked the fastest. The longer and more difficult the password, the more time it takes to guess it. It takes the most time to crack a long password that contains uppercase and lowercase letters, numbers and characters arranged in random order.

According to the calculations, it takes a computer on average from eight hours (for 8 characters) to even 34,000 hours to crack a password. years (when the combination has 12 characters). However, a password consisting of 10 characters will be too difficult to crack, because no hacker will wait several years to find the correct combination of characters. You can see more in the graphic below. Proposals of passwords invented by you can also be tested on , where by entering your own combination, we will find out how long it will take a hacker to break it.

How long does it take a hacker to guess your password? photo: Gazeta.pl / source: Security.org / Statista

How to build a strong password? The weakest still prevail

Password length is extremely important. A random string of five or seven characters won’t be as strong as an easy to remember but strong password. The eight characters that many websites require when setting up an account is a bit too little. Experts advise that the password should be at least 12 or even 16 characters long. Secondly, it’s best to create your own string of characters, containing not only lowercase and uppercase letters, but also numbers and special characters (e.g. @, #, $, &). It is also important that the password does not contain common words (e.g. computer or office), information about yourself (first or last name), successive letters (abcdef or qwerty) and numbers, even in reverse order (654321). This makes it easier to crack a password.

The annual reports of the most popular passwords (both in Poland and in the world) have been dominated by … the weakest passwords for years. According to the list prepared by NordPass, in 2022 the most popular passwords were: “password”, “123456”, “123456789”, “guest” and “qwerty”. As many as 18 out of the 20 most popular passwords on this list can be cracked in less than a second. In Poland, passwords containing sequences of numbers (e.g. 123456), popular words (e.g. “polska”) and male and female names (“mateusz”), most often written with a lowercase letter, dominate. The vast majority of passwords popular on the Vistula River are also able to be broken by hackers in a few moments.

Most of us use weak, easy-to-crack passwords Fig. Gazeta.pl