Not really that much of a surprise, it it?
“Brute-force hacking can crack an eight-character password in less than one hour, according to Hive Systems.
In a new research published today, the security risk services firm says any password with less than seven characters can be brute-forced “instantly.” Its findings show how more accessible and affordable cloud computing services make it simpler to crack passwords than two years ago, when the company showed that a relatively strong, eight-character password was crackable in eight hours.”
This makes sense, it’s not that expensive to order up some cloud-based resources and put them to work, and we’ve always known that with enough resources and time, every password can be cracked, but if you’re depending on your password being tough, you may want to think about longer and more complex passwords.
You might also want to follow some links in the article below and catch a glimpse of the chart listing how long it would take to hack an account using a password that has been included in hacked data made available to other hackers.
Yeah, that is pretty much instantly hacked no matter how complex your password is.
So, best practices?
– use complex passwords.
– use each complex password on exactly one website. (Do NOT reuse).
– use a password manager to keep track of all those passwords.
– Use multi-factor authentication when available, as an extra step beyond your password.