Nowadays it is possible to do almost anything online. Some people just use the Internet for mailing, while others pay their bills, buy groceries, trade stocks and much much more. Hey, some people even order funerals online! Most of the sites we use wants us to become a registered user by creating an account. While creating accounts at all these websites, many people tend to use the same password over and over again. Like it wasn't bad enough that they use the same password everywhere, they also use passwords that are easy to guess.
So how do you know if you are using bad passwords? I will show you some example of bad passwords and explain why they are bad.
computer - It is a dictionary word
amanda - It is a common personal name
buster - It is a common name for a pet
password - It is easy to guess
asdfg - It is a sequence of adjacent letters on the keyboard
You might also have noticed that all these suggestions of bad passwords only contained lower case letters and none of them contained any digits. If you have a password of 5 letters, all lower case, then there are almost 12 million (26^5) different combinations. That might sound like a lot of combinations, but if you have got a computer with a 3GHz processor and a brute force password generator it can generate about 3 million passwords per second. Your five letter password would then take four seconds to break.
Now lets say that you use lower case letters, upper case letters and digits in your five character password. Then we get a total of 62 different characters which give us around 916 million (62^5) different. If we use this password instead of the other one it will take around five minutes to break it. As you can see we still have a bad password. Better than the first one, but still bad.
What we need to do here is simply to increase the length of the password. If we increase the password length to 8 we will get almost 220,000 billion (62^8) combinations. It would then take that computer around 7 million years to generate all the possible combinations. All these calculations are based on a password containing purely random characters.
If you, like most people, have a password that matches one of the earlier examples of bad ones, like a dictionary word, then you can guess how fast a computer will break your password.
Just to make things a little easier for you I have made a password generator that will generate a more secure password for you. The generated password is 8-12 characters long and consists of lower case letters, upper case letters and digits. You can find the generator here.