It’s long been thought that longer passwords have been more secure, after all, there are more characters.
It’s got to be harder or impossible to compromise, right? Well, research has revealed that even passwords that are 15 characters long can be compromised.
The research listed 8-character passwords were the most compromised length of password. Even 15-character passwords were listed in the top ten most compromised lengths.
This is because it’s not only down to the length of the password but also the content and whether you use the same password across different sites and apps.
Using longer passwords doesn’t mean you are anymore protected than using shorter alternatives.
The most compromised 8-character password is none other than “password” itself, while the most compromised 15-character password is “Sym_newhireOEIE”.
Not exactly secure, regardless to the number of characters.
It’s not just about the passwords that individuals are using. Businesses are at high risk too. 86% of all cyber attacks start by making use of stolen credentials. That’s nearly nine out of ten attacks.
Longer passwords do offer more resistance to brute force cracking. An 8-character password being cracked in five minutes, while a good 15-character one could take up to 37 million years if it’s not following any obvious pattern (i.e., it’s random and uses many types of character).
But this is just one piece of the puzzle.
The length of your password alone won’t save you from stolen credentials via phishing attacks.
- Use a robust business password manager. It randomly generate long passwords with a mix of characters for you AND also remember them and fill in the login box for you
- Use a different password for each app or website you access
- You should also use multi factor authentication where possible. Generating a code on a separate device to prove it’s you means that even if cyber criminals get your password, they still won’t be able to access your data.