Skip to main content

Brute Force Password Hacking: How long will it take to Brute Force a password

As we all know, its not a good idea to brute force a password, as its much faster to use password attacks using hashcat.

I found a good graphic on how slow brute force hacking can be, depending on the length and the complexity of the password.  The graph also demonstrates how longer passwords offer, and alphanumeric complexity, can alter the risk vector in your favor.


The game of password hacking is this:

  • Users reset password every month, ie 30 days
  • If we can Brute force the password in 10 days, we can use the password for another 20 days.
  • Brute force attacks, will normally crack the password about half way through the times quote.
  • An 8 character password, is listed as 84 days, which means it should crack in approximately 41 days (close to a months reset).  How would you protect accounts at this point?  It is recommended to force longer passwords, eg 10-14 characters to protect against brute force attacks, as a pragmatic, rather than guaranteed security. Its possible that a brute force attack could break the security in the first day, however, this would be unlikely.
Reference:

http://www.yourdestinationnow.com/2020/07/brute-force-password-guessing-picture.html

Labels:

Comments

Post a Comment

Popular posts from this blog

Python OOPs Concepts: Using Variables and Methods

  Types of Variables in OOPs Python   Instance Variable Static Variable Local Variable   Object Level Variables Class Level Variables Method Level Variables When to use: For Every Object if you want Separate copy, use Instance Variables For all object one copy is required, use static variables Inside method, Just used for temporary requirement Where to Declare Inside the constructor method (in general) Within the class directly, outside of methods (in general)   Within the method only. How to Declare Within the constructor: Instance variables can be declared within the constructor method using the self .   Using default values : Instance variables can be assigned default values during initialization.   Outside the class: use object name.   · ...
1 comment
Read more

ORACLE Express Edition: Getting Started

1. Introduction to Oracle Database 21c Express Edition (XE) - Free, lightweight version of Oracle Database - Ideal for learning and small-scale applications - Limited to 12GB of user data and uses up to 2GB of RAM 2. Installation and Setup 2.1 Installing Oracle 21c XE 1. Download Oracle 21c XE from: https://www.oracle.com/database/technologies/xe-downloads.html 2. Run the installer:    - Windows: Double-click the .exe file    - Linux: Use `rpm` or `yum` command 3. Follow the installation wizard:  Accept the license agreement Choose an installation location (default is usually fine) Set a password for the SYS, SYSTEM, and PDBADMIN accounts (write this down!) Select the option to start the database service automatically (recommended)  4. Complete the installation: Wait for the installation process to finish Note down the database connection details provided at the end The default container database (CDB) name is XE The default pluggable database (PDB) nam...
Post a Comment
Read more

Practical 1: Getting Started with MYSQL

 Getting Started with MySQL Introduction to MySQL Definition: MySQL is an open-source relational database management system (RDBMS) Uses: Web applications, data warehousing, e-commerce, logging applications Key features: Speed, reliability, scalability, and ease of use Installing MySQL Download MySQL Community Server from official website Follow installation wizard for your operating system Set root password during installation Verify installation: mysql --version MySQL Command-line Client Accessing MySQL: mysql -u root -p Basic commands: SHOW DATABASES ; CREATE DATABASE mydb ; USE mydb ; SHOW TABLES ; MySQL Workbench Introduction: Visual tool for database design and management Key features: SQL development Data modeling Server administration Example: Creating a new connection New Connection > Enter details (hostname, username, password) PHPMyAdmin Web-based MySQL administration tool Often comes pre-installed with web hosting packag...
Post a Comment
Read more