Awareness Campaign - Computer Security 101

Question 6:

How long does it take to crack a five-character password with lowercase letters only (abc) versus a 10-letter password using upper- and lowercase letters (AaBbCc)?

Answer:

	A.	45 minutes vs. 28 hours
	B.	3 minutes vs. 10 hours
	C.	2 minutes vs. 46 thousand years
	D.	1 hour vs. 9 centuries

It could take 2 minutes vs. 46 thousand years, according to figures taken from the University of Wyoming Information Technology website at http://uwadmnweb.uwyo.edu/InfoTech/security/passwords.htm.

This goes to show how effective a long string of complex characters can be when creating a password. It’s also really important to create a new password for every account you have.

The best passwords are made up. Use the first letter of words in a phrase and include numbers and punctuation; for example, “Do you know the way to San Jose on US-12?” becomes “DyktwtSJoUS-12?” Passphrases are also very effective, such as “MaryHad^LittleLamb.” Create a nonsense phrase like “!bunca*dinckDOc?” (Of course, don't use any examples shown here!)

For information regarding creating a secure password, visit:
   http://www.umflint.edu/helpdesk/articles/155
     http://www.itd.umich.edu/itcsdocs/r1162
     http://www.microsoft.com/protect/yourself/password/create.mspx

University of Michigan - Flint