How Long Would it Take to Brute Force Your Password?

Here’s the bad news: Your password of “123456” can be cracked instantly and is about as secure as having no password at all. The good news is: you’re too smart to have that password in the first place... right?

A recent poll conducted by Google found that 24% of Americans have used common passwords such as “123456” or “Password,” making them incredibly easy to guess using a brute force attack.

What is a Brute Force Attack?

A brute force attack uses a trial-and-error method to test possible password combinations until the correct one is guessed and the account can be accessed. Simple brute force attacks try all possible combinations at random or in sequence, one at a time.

A dictionary brute force attack uses a list of common words and passwords. Many home routers and devices such as smart speakers, cameras and even thermostats come with default passwords. These can be used to gain access to your entire network, so make sure to change the passwords away from the defaults and use multi-factor authentication when available.

If one of your passwords was already breached, a cybercriminal can launch a brute force attack using variations of the known password. This is why it’s important to use a unique password for every site.

Our infographic shows how long it would take for a password to be cracked using a brute force attack. The shortest, most simple and most common passwords can be cracked in less than a second. The longer and more complex the password is, the less likely it is to be cracked, at least in your lifetime.

Password Best Practices

AllSafe IT recommends the following best practices to make sure your credentials are as secure as possible:

• Make sure your passwords are a minimum of 12 characters long
• Use a combination of numbers, upper and lowercase letters, and symbols in your passwords
• Avoid common passwords like abc123, Password, 123456, Iloveyou, Qwerty, Admin and Welcome
• Avoid using your partner’s, child’s or pet’s name in your passwords
• Do not reuse passwords
• Use a password manager to avoid re-using passwords
• Use multi-factor authentication to add extra security

AllSafe IT’s Safe Total includes password management and multi-factor authentication as parts of a multi-layered security solution. AllSafe IT’s comprehensive cybersecurity services are designed to identify, assess, and manage cybersecurity risks. We have aligned with the National Institute of Standards and Technology (NIST) framework for the design of our cybersecurity solutions. Our responsive team of security specialists will work with you to develop a customized cybersecurity plan equipped with key solutions for protecting, enhancing, and fortifying your company’s cybersecurity.

‍