How many characters does a password need to be truly secure?

Remember to regularly change your passwords. — AFP Relaxnews

The more characters in your password, the more difficult it is to crack. That’s why most online services now require passwords with at least eight distinctive characters (numbers, letters, special characters, etc). However, it’s even better to add a few more.

Cybersecurity specialist Hive Systems recently published a chart showing how long it takes to crack a password, depending on its number of characters and specific features. The chart indicates that eight-character passwords are only really effective if all kinds of different symbols are used. While it would take a hacker nine seconds to crack a four-character password containing numbers, upper and lower case letters, it would take seven years if it contained eight.

The biggest risk comes from using only numbers or letters. Here, even if you increase the number of characters, the risk of having your password hacked remains very high. For example, it will only take an hour for a hacker to find a ten-character password made up entirely of numbers. By increasing the number of characters to 14, it could take them up to a year.

In any case, as soon as you combine numbers, letters and symbols, you're making the "work" of pirates considerably harder. In such a scenario, mixing ten very distinct characters comprising numbers, upper and lower case letters and various symbols is quite safe, since it could then take hackers up to 33,000 years to figure out such a code!

In addition to choosing a complex password, you should opt for double authentication whenever possible, ie, go through an additional validation stage, often by text message, email message or via a special app, to be able to access your account.

That said, the subject of how to choose the best password could soon become obsolete, with the increasing use of passkeys. These digital access keys are in fact stored directly on the device and activated after the user has verified their identity through a PIN code, facial recognition or fingerprint authentication. As these keys are not stored online, they are far more complicated to hack. – AFP Relaxnews

×

Related stories:

Passkeys could make passwords a thing of the past

Report: Insecure passwords rampant among .gov emails

Google makes passkeys the default for account logins in push to replace passwords

Can AI be used by hackers to crack passwords?

Hate passwords? You're in luck – Google is sidelining them

Is it the end of the road for passwords as we know them?

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

   

Report it to us.

Next In Tech News
'Roaring Kitty' is sued for alleged GameStop manipulation
CDK expects all dealers to be live by early July 4
Renault's EV unit Ampere to bet on LFP technology for EV batteries
French antitrust regulators preparing Nvidia charges, sources say
Robinhood resolves issue that impacted trading platform services
Italy picks KPMG to value digital payment platform PagoPA, sources say
Samsung Electronics union in South Korea declares general strike
US Supreme Court throws out rulings on state laws regulating social media
AI-focused tech firms see big jump in market cap in June
Meta's pay or consent model in crosshairs for breaching EU tech rules

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.