How easy is it to guess your password? Find out here
If your password consists of just six lower-case letters, it will take mere seconds to crack. Up that to seven, and it would take a hacker around 10 minutes, while using a common password such as “birthday” could see it discovered in a fraction of a millisecond.
But a nine-digit combination of upper and lower case letters, numbers and symbols would take over a thousand years for somebody to run through enough possible combinations to find.
Better Buys, a software and technology business, has developed a tool estimating how long it would take for a hacker to crack a password using a so-called “brute force” attack – in which a computer program tries every single password combination before finding the correct one.
How to pick a password
According to the company, brute force software in 2016 can attempt more than 13 million passwords, compared to less than 6 million a decade ago. Password-cracking software will also try the most obvious combinations first, so codes such as “123456”, “password” and “football” – among the world’s most commonly used – could all be discovered in 0.25 milliseconds. Many of the most powerful computers today, however, can check more than one billion combinations a second.
You can try the tool below. Warning: It’s a bad idea to enter your actual password. Although While Better Buys says it does not store any of the passwords, you should never provide your password anywhere it is not needed. Entering combinations of similar length and character mix should give an idea of how long it would take a brute force attack to guess your password. The tool is designed for educational purposes.
The test shows that both length and different characters significantly improve password security: moving from eight letters to nine would increase the time from four hours and 24 minutes to almost five days, while eight letters and a number would take almost three months.
Despite this, choosing a password by simply replacing letters with numbers, such as “c0mpu7er”, is not advised: more sophisticated password crackers than the one assumed in the interactive have learned to look for words with certain digits replaced by letters.
Most common passwords