How many characters does a password need to be truly secure?

Remember to regularly change your passwords. — AFP Relaxnews

The more characters in your password, the more difficult it is to crack. That’s why most online services now require passwords with at least eight distinctive characters (numbers, letters, special characters, etc). However, it’s even better to add a few more.

Cybersecurity specialist Hive Systems recently published a chart showing how long it takes to crack a password, depending on its number of characters and specific features. The chart indicates that eight-character passwords are only really effective if all kinds of different symbols are used. While it would take a hacker nine seconds to crack a four-character password containing numbers, upper and lower case letters, it would take seven years if it contained eight.

The biggest risk comes from using only numbers or letters. Here, even if you increase the number of characters, the risk of having your password hacked remains very high. For example, it will only take an hour for a hacker to find a ten-character password made up entirely of numbers. By increasing the number of characters to 14, it could take them up to a year.

In any case, as soon as you combine numbers, letters and symbols, you're making the "work" of pirates considerably harder. In such a scenario, mixing ten very distinct characters comprising numbers, upper and lower case letters and various symbols is quite safe, since it could then take hackers up to 33,000 years to figure out such a code!

In addition to choosing a complex password, you should opt for double authentication whenever possible, ie, go through an additional validation stage, often by text message, email message or via a special app, to be able to access your account.

That said, the subject of how to choose the best password could soon become obsolete, with the increasing use of passkeys. These digital access keys are in fact stored directly on the device and activated after the user has verified their identity through a PIN code, facial recognition or fingerprint authentication. As these keys are not stored online, they are far more complicated to hack. – AFP Relaxnews

×

Related stories:

Passkeys could make passwords a thing of the past

Report: Insecure passwords rampant among .gov emails

Google makes passkeys the default for account logins in push to replace passwords

Can AI be used by hackers to crack passwords?

Hate passwords? You're in luck – Google is sidelining them

Is it the end of the road for passwords as we know them?

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

   

Report it to us.

Next In Tech News
India restricts WhatsApp sharing data with other Meta entities, imposes $25.4 million fine
Goldman Sachs looking to spin out its digital assets platform, source says
Facebook users affected by data breach eligible for compensation, German court says
Tesla gains on report Trump's team planning federal self-driving vehicle regulations
Roblox tightens messaging rules for under-13 users amid abuse concerns
Nvidia's Blackwell revenue in focus as sales growth slows
South Africa's MTN exploring partnerships with satellite-internet providers
Xiaomi posts jump in third-quarter revenue, beats estimates
Could artificial general intelligence emerge as soon as 2025?
PS5 Pro review: Is Sony's flashier console worth the steep price?

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.