Don't use 'jhu38fcbe72e3$$7cdbdlw244f0dmw3' as your password - it's ours

Some food for thought for lazy password thinker-uppers, from Book Of Joe... namely the time it takes for a hacker's computer to randomly guess your password...



  • M4RKM
    I wonder why my password needs changing every 28 days at work, when it is secure enough not to be hacked in 463 years. I'm hoping I'll be dead by then.
  • OP
    A good tip for passwords, the number plate of your first car, plus a exclamation mark or something, not easy to crack and you won't forget it (hopefully...)
  • wayne
    so my password of Pa$$w0rd will take 463 Years to be guessed. I know I will sleep better at night..... oh hang on a minute.... bugger!
  • Phil
    There was a BBC article on common passwords the other week. Can't be arsed to look up the link but the most common passwords where (not in order): 12345 1234 123456 password qwerty Its no wonder hackers do so much damage!
  • Alex
    These numbers are extremely wrong and misleading. Modern GPU processing techniques have meant that almost none of the standard hashing techniques are secure. They can attempt billions of combinations per second (see
  • Mike
    You should always use a £ or € in really secure passwords as a lot of the password crackers don't include these symbols. (or any other non standard unicode character)
  • Chris
    These numbers are misleading, but not for the reason posted by Alex. Generating billions of passwords in a short period of time is useless unless you can try them out. In the real world you would be trying to hack the password for somebody's email account or online banking. While you would be able to generate a billion passwords per second, you wouldn't be able to test them to see if they were the right password. As soon as you entered, say, 10 wrong passwords you would be locked out of trying again.
  • Alex
    Depends... there are so many stolen password databases out there now. This kind of computational power gives the possibility to crack people's passwords even if they are encrypted in a stolen database. Many sites don't have a login strikes system as you've detailed. There are hackers out there trying these databases of usernames and passwords against sites without it.
  • lumoruk
    Having successfully hacked many passworded documents and my outlook account I've stopped bothering putting passwords on anything.
  • PokeHerPete
    I change my password every 10 minutes anyway, face is on egg whos?
  • Mike U.
    For fucks sake just try this to test how secure your password is

What do you think?

Your comment