Linker IT Software
Order Home
menubar-top-links menubar-top-rechts
 

Software categories:
EncOffice
Benefits
Compatibility
Download
Licensing
Order
User Manual
First Use
                                               
Knowledge Base
How Safe is Excel 2002/2003
 Encryption
How Safe is Word/Excel 2007
 Encryption
How To Protect Excel Files
How To Protect Word
 Documents
How To Protect ZIP Files
Look at Encrypted Files
What are Strong Passwords
Secure Email with Encrypted
 PDF, ZIP, Word or Excel
                                               
ExcelLock: Locking and securing your valuable Excel spreadsheets.

SQL*XL: Database to Excel bridge

litLIB: Excel power functions pack

Home Products EncOffice

Buy now Download now EncOffice

How much time is needed to crash a password

 

If the password cannot be guessed, the cracker tries to brute-force it. This is trying all possible combinations of characters until the password is found. When brute-forcing, the time to crack the password depends on the amount of possible passwords that the cracker has to try. The amount of possible passwords increases with password length and with increasing diversity of characters being used (complexity).

EncOffice. Encrypt Word easy and safe.

Let's take the scenario of a cracker trying 15 million passwords per second. This is currently the maximum speed being claimed by password cracker vendors. You need a pretty fast computer to achieve this. The following table shows the computed time to crack a password with 15 million tries per second. Notice the incredible increase in time to try all possible combinations when password length and complexity increase.

length: 4, complexity: a-z--> less than 1 second
length: 4, complexity: a-zA-Z0-9 + symbols--> 4.8 seconds
length: 5, complexity: a-zA-Z--> 25 seconds
length: 6, complexity: a-zA-Z0-9--> 1 hour
length: 6, complexity: a-zA-Z0-9 + symbols--> 11 hours
length: 7, complexity: a-zA-Z0-9 + symbols--> 6 weeks
length: 8, complexity: a-zA-Z0-9--> 5 months
length: 8, complexity: a-zA-Z0-9 + symbols--> 10 years
length: 9, complexity: a-zA-Z0-9 + symbols--> 1000 years
length: 10, complexity: a-zA-Z0-9--> 1700 years
length: 10, complexity: a-zA-Z0-9 + symbols--> 91800 years

What we see is that any password shorter than 5 characters can be cracked within 5 seconds and any password shorter than 7 characters can be cracked within a day. With the password length of 9, the cracking time goes to hundreds of years. In most cases this can be considered acceptable while mostly we need to keep a secret for a maximum of 30 years. To be on the safe side, we recommend a minimum password length of 10 characters.

The crack times mentioned in the table are needed to try all the possible passwords. There is a great chance that the cracker only needs 50% of this time. Also bear in mind that a cracker can always have a lucky shot at his first try and crack the password immediately. The chance is very small, but theoretically it is possible.
Copyright (C) 1995-2010 Linker IT Software BV. All Rights Reserved. Oracle is a registered trademark of Oracle corporation. Excel and Office are registered trademarks of Microsoft corporation. Other names appearing on the site may be trademarks of their respective owners. Software, files, documents, articles and other material are provided "as is" and without warranties as to performance or mechantability or any other warranties whether expressed or implied. No warranty of fitness for a particular purpose is offered.
sitemap
>