“Use longer, stronger passwords.”
This is a directive we’ve been accustomed to hearing for decades. Many of us are using strong passwords with a combination of uppercase letters, lowercase letters, numbers and special characters. The speed at which threat actors can brute force our long passwords has ramped up.
In a brute force password attack, attackers use a software program to run through every possible combination of letters, numbers and symbols that make up the password.
So, we must rethink password safety for today.
How Secure is Your Password?
Not long ago, an eight-character password with a mixture of numbers, uppercase and lowercase letters and special characters was considered secure. Today, it’s crackable in eight hours. Add just two characters to that password, and the time it takes to crack increases to five years.
The following chart shows how long software can take to crack specific character combinations. For the enterprise, it’s sobering.
Compounding the issue, employees have many passwords. Not all of them are going to be strong. According to a 2019 Lastpass survey, employees at a typical U.S. mid-sized company deal with approximately 75 passwords for work. The same study reports employees re-use a password 13 times.
Brute force hacking is nothing new, but as the threat landscape intensifies and the attack surface widens for the enterprise, it’s a good time to revisit some of the facts and prevention strategies to improve password safety.
How Brute Force Works
With a brute force attack, also called an exhaustive search, a cryptographic hack guesses possible combinations of the targeted password. Because longer and more complicated p ..
Support the originator by clicking the read the rest link below.
