• bnfdhfdhfd@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      1 year ago

      So those annoying as hell “6 character, lowercase and uppercase letters, special character” passwords give a full 6 minutes of protection. Good to know.

      • ngcbassman@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        For 6 characters is 5 seconds. I like the idea of using passphrases that mix casing with symbols but still they look like like real words, it make easier to write them down when you need them and they can be very long, so they are quite secure, of course using a password manager to be able to manage them.

        • bnfdhfdhfd@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Damn, even worse than I thought. I wish someone would show this to the people who set those ridiculous password requirements.

          I was glad when my work did away with monthly password changes and went with 15 characters minimum as the only requirement.

    • dbilitated@aussie.zone
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      I wonder if this assumes the cracker knows how long etc the password is when they start cracking.

      I always make my passwords “a” because I figure they’ll start cracking attempts at 5 characters 😁

    • Echo Dot@feddit.uk
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      edit-2
      1 year ago

      Why is 1,000 years yellow in that graph?

      If a password can’t be broke in 1,000 years it is utterly unbreakable in any effective sense of the term. No one’s going to run the program for a thousand years because even if they did it wouldn’t be relevant at the end of the process.

      Hell even 51 years is pushing it.

      • The_Vampire@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        Well, the rate passwords can be tested at now may not always be the rate passwords can be tested at later. Computers were, at one point, growing exponentially faster in terms of processing power. There are still several emerging technologies out there that could cause significant speed-ups.

        It’s certainly better to future-proof your passwords.