How Easy is it to Hack Your Password? John Pozadzides Tells All

Last Updated Apr 4, 2010 5:20 PM EDT

Hopefully, after all the password advice we've given you, you use strong passwords and create a unique password for all of your Web sites. It's especially important to use a different password for your financial sites than lower-security sites like social networking services.

Even so, your password protocols might be a bit sloppy. Here's something that might scare you straight: some frank confessions about how easy it is to hack your password.


iFusion Labs CEO John Pozadzides recently explained how he would hack your password. It's a fascinating read.

To begin with, he says he can crack 20% of the passwords out there just by trying these red-flag details:
  • Your partner, child, or pet's name, possibly followed by a 0 or 1
  • The last 4 digits of your social security number.
  • 123 or 1234 or 123456.
  • "password"
  • Your city, or college, football team name.
  • Date of birth - yours, your partner's or your child's.
  • "god"
  • "letmein"
  • "money"
  • "love"
If that doesn't work, he says he'd try a brute force attack (using software designed to try every combination of number and letter). But not on your bank account -- that's too secure. He'd try some other site you use instead, betting that you use the same password in multiple places.

How long does this approach take? Check out this eye-opening table:


Clearly, this indicates you'd be crazy not to use at least 8 characters and mix uppercase, lowercase, numbers, and symbols. And for the love of Woden, don't use the same password on business-critical or financial sites as on low-security personal sites. [via Lifehacker]

Photo by AMagill

Comments