Your browser is obsolete!

The page may not load correctly.

  • add to favourites
    Add to Bookmarks

Guess the eight characters

Read: 14046 Comments: 2 Rating: 12

Tuesday, December 19, 2017

"Passwords fewer than eight characters in length are cracked almost instantly".
So why then are users allowed to create four-character passwords?

A comment left on a news post

This topic is important, so it's no wonder we keep returning to it. It’s obvious that the longer a password is, the harder it is to crack. On the other hand, a longer password takes longer to enter, especially, if you need to do it often, for example, to unlock your tablet or smart phone. So what then is the optimal length?

Certain criteria can help determine how long a password should be. For instance, can a casual fellow traveller memorise your tablet password?

As many as 64% were able to memorise an Android unlock pattern after looking at it just once if the feedback lines were visible.

When the lines weren't displayed, the number of people who could recreate the pattern fell to 35%. Only one out of ten participants was able to identify a six-digit PIN code.

The research results show that using an eight-character password is the best way to protect a smart phone.


The Anti-virus Times recommends

  • By repeatedly entering the same combination or recreating a pattern, you leave traces on the screen (and warm it up too). An attacker can recover your password using these fingerprints. Therefore:
    • A four-symbol password is way too short. Use it to lock devices if you are not afraid of losing it.
    • Change it regularly to make sure that attackers would have a hard time reproducing it.
  • An eight-character password doesn't make a device immune to brute-force attacks, but modern devices should become blocked after a certain number of unsuccessful password-entry attempts. Therefore, unless your device ends up someday in the hands of a secret service, eight characters are enough to at least protect it from children's curiosity.
  • If your device has been stolen, the password can be reset. In this case it doesn't matter how long it was. But in this case you need an additional security feature, such as an Anti-theft, which is available in Dr.Web Security Space for Android, for example.


Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.