Tech Report: Cracking Passwords and the Future of Online Security
SAN FRANCISCO (KCBS)— A password-cracking expert has unveiled a computer system that can cycle through as many as 350 billion guesses per second with the ability to crack just about any password that someone could use on a Windows computer.
It’s done through a matter of brute force. Maybe I could guess a few hundred an hour if I really put my mind to it. But if you’re like this researcher and had an array of sophisticated high-speed computers you could go through every possible combination of the types of passwords used in Windows. Even though there is reasonably good security, if you put enough brute force behind it and enough computing power, you can get through it.
I certainly wouldn’t lose any sleep over it now, but I think in the long-term it does make us realize that the entire password system probably needs to be replaced by a more robust security system. There are already things out there ranging from bio-metrics where you have eye scanners and fingerprinting that can be used instead of traditional passwords.
But for now you’ll definitely want to adhere to the basics. Don’t make your password your dog’s name or a simple word in the dictionary. Try to mix it up. It’s best to come up with a string of characters (at least eight, but more is better) and include both lower and upper case and make it something that you can remember and that other people won’t necessarily guess.
(Copyright 2012 by CBS San Francisco. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed.)