Also, while this chart is a good opening comment about security. it is SUPER subjective and not nearly detailed enough for a true discussion of what makes a secure password. Those numbers are based on "brute-force" attacks which attempt every possible variation in a character data set. It completely ignores non brute-force attacks, speed of guesses, and ease of guessing the type of hash.
You wouldn't believe how many passwords I see like Spring-2002! or GoBroncos!2002 (obvious assholes) or Ch13f$Rule!!! All of which crack in seconds using basic rule and mask attacks but people still think nobody will figure it out.
|