Can I hack your password in 10 minutes?

By Julian Arias Beltran

2011 saw some of the worst passwords ever recorded! In a previous post, we found that the five worst passwords of that year were:
  1. password
  2. 123456
  3. 12345678
  4. qwerty
  5. abc123
‘password’ is the number one password?

The report was made by Splashdata, which gathered data from the millions of stolen passwords posted online by hackers in 2011.

But a new year has passed, and with MI5 battling "astonishing" levels of cyber-attacks on UK industry and Symantec stating in its 2011 report that it recorded thousands of hacking events every second, we have surely learnt from our mistakes, right?

According to the list below, we’re still as lazy as it gets. In the 2012 report released by Splashdata, ‘password’ is still the most popular password…

Here's the full list with comparison to 2011:

1.    password (Unchanged)
2.    123456 (Unchanged)
3.    12345678 (Unchanged)
4.    abc123 (Up 1)
5.    qwerty (Down 1)
6.    monkey (Unchanged)
7.    letmein (Up 1)
8.    dragon (Up 2)
9.    111111 (Up 3)
10.   baseball (Up 1)
11.   iloveyou (Up 2)
12.   trustno1 (Down 3)
13.   1234567 (Down 6)
14.   sunshine (Up 1)
15.   master (Down 1)
16.   123123 (Up 4)
17.   welcome (New)
18.   shadow (Up 1)
19.   ashley (Down 3)
20.   football (Up 5)
21.   jesus (New)
22.   michael (Up 2)
23.   ninja (New)
24.   mustang (New)
25.   password1 (New)

But are we really that lazy? No, and here’s why

As mentioned, this data is gathered from millions of stolen passwords posted online by hackers.

There’s a reason ‘123456’ is on this list!

Many hackers use tools that guess your password over and over, and depending on its length and the kinds of characters it contains, it can take the tool anywhere from 10 minutes to (in my case) 44,530 years to get it!

How to make hackers wait 44,530 years to get your password

Simply make your password 9 characters long and add a symbol and a number. Below you can see how long it takes to hack your current password.

Length: 6 characters
Lowercase: 10 minutes
+ Uppercase: 10 hours
+ Nos. & Symbols: 18 days

Length: 7 characters
Lowercase: 4 hours
+ Uppercase: 23 days
+ Nos. & Symbols: 4 years

Length: 8 characters
Lowercase: 4 days
+ Uppercase: 3 years
+ Nos. & Symbols: 463 years

Length: 9 characters
Lowercase: 4 months
+ Uppercase: 178 years
+ Nos. & Symbols: 44,530 years

As you can see, it’s obvious why the simple passwords are on the list. It only takes 10 minutes for hackers to get any of them. Hackers aren’t going to wait more than two days to get your ‘real’ password. So relax, the world is not as lazy as it seems… unless, for reasons you won’t discuss, you are concerned to see "monkey" so close to the top.
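The arithmetic behind the table above, written as a password check a defender could run at sign-up. This is an added example, not code from the original post. It assumes a guess rate calibrated from the table's first cell (6 lowercase letters in 10 minutes) and a 95-character printable ASCII alphabet, and the function names are illustrative. It also shows the case the table does not cover: `password1` is nine characters with a number, yet it is on the list above and falls to a wordlist before any exhaustive search starts.

```python
import string

# The 25 passwords from the 2012 list quoted in this post.
COMMON = set("""password 123456 12345678 abc123 qwerty monkey letmein dragon
111111 baseball iloveyou trustno1 1234567 sunshine master 123123 welcome
shadow ashley football jesus michael ninja mustang password1""".split())

# Assumption: guess rate calibrated from the table's first cell
# (all 26**6 six-letter lowercase strings tried in 10 minutes).
GUESSES_PER_SECOND = 26 ** 6 / 600

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")  # 26 + 26 + 10 + 33 = 95

def alphabet_size(pw):
    """Sum the sizes of the ASCII character classes that pw draws from."""
    size = sum(len(cls) for cls in CLASSES if any(c in cls for c in pw))
    if size == 0:
        raise ValueError("empty or non-ASCII password is not modelled here")
    return size

def exhaustive_seconds(length, alphabet):
    """Worst-case time to try every string of this length over this alphabet."""
    return alphabet ** length / GUESSES_PER_SECOND

def assess(pw):
    """Return (method, seconds): listed passwords fall to a wordlist at once."""
    if pw.lower() in COMMON:
        return ("wordlist", 0.0)
    return ("exhaustive", exhaustive_seconds(len(pw), alphabet_size(pw)))

def humanize(seconds):
    """Render a duration in the largest unit that fits, as the table does."""
    for unit, span in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= span:
            return f"{seconds / span:,.0f} {unit}"
    return f"{seconds:.0f} seconds"

if __name__ == "__main__":
    for length in (6, 7, 8, 9):
        row = [humanize(exhaustive_seconds(length, a)) for a in (26, 52, 95)]
        print(length, row)
    for pw in ("password1", "Mustang", "k7#Qw!zp2"):  # constructed samples
        method, secs = assess(pw)
        print(pw, method, humanize(secs))
```

The estimates only hold for passwords chosen at random from the full alphabet; anything on a leaked-password list is rejected by `assess` regardless of its length or character mix.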

