We might as well be up-front about this. Every password is crackable. And hacking them is the No. 1 way the bad guys break into our computers, phones and tablets.
These thieves download programs off the Internet that automatically run combinations of numbers and letters until they find your combination. Many can run 6.4 million passwords per second. It's called a "brute force" attack.
About the only thing we can do is make it as hard as possible for them. But hard in the password world is hard on us, too.
Master Lock Co. found the average Internet user must deal with 26 passwords. For highest security, each password would be different.
Some users give up and use "password" for their passwords or "123456." These happen to be the first combinations the cracker programs check.
We are lazy about passwords until somebody hacks them. It might seem efficient to chose ones easily typed, such as 0000. Remember: 10,000 of the easiest passwords can access 98 percent of systems worldwide, a piece of cake for an automated cracker.
We still have math and the law of averages on our side, but we must choose to use them. Master Lock did a recent survey of passwords. They found:
• Changing a letter to a number in a four-letter password quadruples its difficulty to crack at 1.6 million combinations.
• Changing one of the letters to uppercase in the same password boosts its security to 14 million combinations.
• Changing a letter to a symbol (*, ! , #) ups the ante to 92 million combinations. Numbers are the easiest to crack as there are only 10. Symbols are the toughest with 36. Of course, the longer the password, the better. Many passwords are a capital letter, a lower case letter, a symbol and a number. They can be cracked in two seconds.
• Adding a capital letter boosts this to 2.5 minutes.
• Adding a number to 2.5 hours.
• An eight-character password with caps and lower case, symbols and numbers can take a year to crack.
• A 12-character monster takes 16 million years.
This assumes a processing rate of 6.4 million passwords per second.
How often should we change our passwords?
The security experts say every six months unless your password is compromised. Then change it immediately.