These people have published details about how they used Amazon EC2 to crack passwords:
http://news.electricalchemy.net/2009/10/cracking-passwords-in-cloud.html
Personally, I skipped all the details and went straight to the interesting conclusions page:
http://news.electricalchemy.net/2009/10/password-cracking-in-cloud-part-5.html
It tells you how much it will cost someone (in EC2 charges) to crack your passwords, based on their lengths and the number of characters you use.
I used to think 8 characters was a good password. Seems it is worth about $3, or $45 if I've mixed in some numbers. Gulp. And all this is assuming there are no dictionary words in there. Double gulp.
Wednesday, November 4, 2009
Subscribe to:
Post Comments (Atom)
2 comments:
The article says that a 9-character password with full uppercase and lowercase, alphanumeric, and symbols, is going to cost $10M to crack at current prices.
Keith wrote: "a 9-character password with full uppercase and lowercase, alphanumeric, and symbols"
Unfortunately those passwords are hard to remember and I then have to write them down and tape them to my monitor ;-)
Post a Comment