Thursday, August 19, 2010

Want to deter hackers? Make password longer

Want to deter hackers? Make password longer - Technology & science - Security - msnbc.com

"Thanks to rapid increases in computing power, your confidential information is probably not safe unless you use a 12-digit randomized password, experts say.

Recent research from the Georgia Tech Research Institute (GTRI) indicates that to defeat a new generation of encryption cracking software, passwords need a length of at least 12 randomized characters consisting of letters, numbers and symbols. Anything else (a keyword, a birthday or a pattern of symbols) makes you an easy mark.

'Eight-character passwords are inadequate now ... If eight characters is all you use, and if you restrict your characters to only alphabetic letters, it can be cracked in minutes,' said Richard Boyd, a senior researcher at GTRI.

The need for increasingly complex security measures comes from two weapons in the hacker arsenal: commercial-quality code-breaking software and the supercomputer power of graphics cards and botnets, said Joshua Davis, a research scientist at GTRI.

Code-breaking software uses two techniques to break through password protections. The first is a vast dictionary of common password phrases, which can crack simplistic passwords like 12345 and similar patterns. The other, brute force, simply tries every possible eight-character combination until it hits the right one. Brute force invasion used to require an unreasonable amount of time, but increasing computing power has allowed off-the-shelf computers to accomplish that task, Davis said.

Nevertheless, a password of 12 random characters that includes symbols is still an effective barrier to the brute force method."
