How long would it take someone who has no idea what your password is but who has a lot of computational capability to crack it using brute force?
By brute force, we mean using their code-cracking computer systems to systematically run through all the possible permutations of characters that may be in your password. Which for all they know, may be anywhere from 1 to 22 characters long.
For their part, cybersecurity specialists Hive Systems put the following chart together to show how long that might take a well-equipped independent hacker. Or rather, one with the code-cracking technology Hive's analysts believe is already available to them in 2022.
But what about tomorrow's technology? What about passwords with more than 18 characters? What if you could use more kinds of characters?
Answering questions like those is why we created the following tool, which we built after reverse-engineering the results from Hive Systems' table. If you're reading this article on a site that republishes our RSS news feed, please click through to our site to access a working version.
Here's an article discussing the math behind the tool. The default of 95 kinds of characters represents the 10 numbers, 26 lower case letters, 26 upper case letters and 33 special characters available on most U.S. English keyboards. If you play with these figures, you should be able to reasonably duplicate the results from Hive Systems' chart. Within a relatively small margin of error, that is.
But the thing we're most leery of in building the tool is that we set "billions" as the basic unit for entering the number of attempts per second for the hacker's password cracking system. How long will it be before that seemingly large number becomes unreasonably small?