Rodney Keeling

This post is to show the importance of using a strong password on your computer and on websites. I recently wrote a program in Java (kind of impractical, I know) that uses a brute-force technique to crack passwords with particular parameters sent in. With just a simple, everyday Macbook, I realized how easy it is to crack passwords on unprepared websites.

What I mean by “unprepared websites” is any particular website that doesn’t limit the amount of user login requests it may receive. These are highly vulnerable in most cases, as a huge amount of requests for authentication may be requested. The parameters I used in my program included which characters I wanted to include in my cracking attempts (e.g. the alphabet in lowercase, uppercase, numbers, etc.) as well as the length of the password I want to test. Naturally, short passwords were quicker to crack; most passwords four characters and under took, literally, no time at all. I ran the program and the passwords popped up (I used a few test passwords just for variation). Five characters in a password, and the worst-case scenario took around 40 seconds. Six characters took a bit over 15 minutes for the worst-case (you can see the rapid growth in time by adding just one character). I didn’t go for anything longer than six characters, as I could induce that longer passwords only take longer to crack.

These figures are based on the parameters of the password containing a strong lower-case, upper-case, number and symbol containing password, and most people do not even have a mixture of lower- and upper-case characters in their passwords. Well I hope you have learned to use a strong password by now, as doing something as simple as adding another character can make the difficulty of cracking your password much more difficult. Good night and good luck!

Tweet This!