A new study calls into question the passwords of less than 8 characters

Eight characters is the key number that you absolutely must not forget when creating or modifying one of your passwords.

However, the latest study by Hive Systems suggests that the ideal password to rout web pirates would be a mixture of eighteen numbers, letters and symbols.

One minute per character for the average hacker

Password hacks are commonplace today, and the risk is even greater when we reuse the same means of authentication for several accounts. To overcome this problem, the latest study by Hive Systems, a cybersecurity company based in the United States, advises banning all passwords that include less than eight characters.

To support its point, Hive Systems presents a table illustrating the average time taken by a hacker to hack your password according to its degree of complexity. It can thus be seen that a four-character password composed solely of numbers can be almost instantly found by a misguided hacker; in contrast, it would take a hacker at the average skill level eight hours to find an eight-character composition of numbers, letters, and symbols. Preferring caution, Hive Systems has a few suggestions to further complicate the task of hackers.

Eternal life would not be enough with an ultra complex password

Making your passwords more complex and always longer is a suitable solution. There remains the question of memorization: to help you remember this precious data, a password manager is obviously an ideal companion.

The point of all this? The fact that, according to Hive Systems, it takes about 438 billion years (!) for even an experienced hacker to crack an eighteen-character password using upper and lower case letters, symbols and numbers. Suffice to say that for hackers, the game is not really worth the candle.

Hive Systems’ findings are backed up by a National Institute of Standards and Technology expert panel, which calls for avoiding the use of relatively simple passwords that are less than eight characters. If you don’t want to go to the recommended eighteen characters, Hive Systems adds that a password containing eleven characters including letters, numbers and various symbols, already takes on average the equivalent of thirty-four years to be deciphered.

A good compromise, especially if you follow the five key rules for generating a really strong password.

Sources: NIST Special Publication 800-63B
, CNBC