A week ago I wrote a post about how a few of my friends had their email accounts hacked, and what to do about it.

Part of the instructions talked about creating a secure password – not just the usual blah-blah-blah of “6 to 8 characters including an upper-case, number and special character”, but a REALLY secure password – one with multiple words that are seemingly random but easy to remember.

The comic XKCD illustrated it nicely, and I’m reprinting it again because he’s awesome.


But a recent article in Ars Technica explores the issue of weak passwords in more detail. It talks about what kind of computer hardware and software it takes to actually crack a password (answer: not much) and how long it would take. This graph says it all.

Note the overlap between the XKCD illustration and the graph. Longer passwords are harder to crack. 20-character passwords are all but impossible.

“20 characters?!?” you say, “Nobody can be expected to remember a 20-character password!”

“Correct Horse Battery Staple” has 28. And, as the cartoon says, you’ve already memorized that one.
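An added example (not from the original post or the Ars Technica article) that puts numbers on the length claim above, for randomly chosen characters and for randomly chosen words. The 2048-word list and the 1,000 guesses per second rate follow the XKCD comic; the 10 billion guesses per second offline rate is an assumption.

```python
import math

# Standard character-class sizes.
LOWER, PRINTABLE = 26, 95
ONLINE_RATE = 1e3    # guesses/second, the figure used in the XKCD comic
OFFLINE_RATE = 1e10  # guesses/second, assumed rate against a fast hash
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def bits_random_chars(length, alphabet_size):
    """Entropy in bits of `length` characters drawn uniformly at random."""
    return length * math.log2(alphabet_size)


def bits_passphrase(word_count, wordlist_size):
    """Entropy in bits of words drawn uniformly at random from a list."""
    return word_count * math.log2(wordlist_size)


def years_to_exhaust(bits, guesses_per_second):
    """Years needed to try every candidate in a 2**bits search space."""
    return 2 ** bits / guesses_per_second / SECONDS_PER_YEAR


def report():
    """Return (label, bits, years online, years offline) for each scheme."""
    rows = [
        ("8 random printable chars", bits_random_chars(8, PRINTABLE)),
        ("12 random printable chars", bits_random_chars(12, PRINTABLE)),
        ("20 random printable chars", bits_random_chars(20, PRINTABLE)),
        ("4 random words, 2048-word list", bits_passphrase(4, 2048)),
        ("6 random words, 2048-word list", bits_passphrase(6, 2048)),
        # Cost of attacking a 25-letter phrase letter by letter instead of
        # word by word; a dictionary attacker faces the smaller word count.
        ("25 lowercase letters, char by char", bits_random_chars(25, LOWER)),
    ]
    return [
        (name, bits,
         years_to_exhaust(bits, ONLINE_RATE),
         years_to_exhaust(bits, OFFLINE_RATE))
        for name, bits in rows
    ]


if __name__ == "__main__":
    for name, bits, online, offline in report():
        print(f"{name:36s} {bits:6.1f} bits  "
              f"online {online:9.3g} y  offline {offline:9.3g} y")
```

The figures hold only when the words or characters are picked at random. A passphrase's strength comes from the number of words and the size of the list they are drawn from, not from its character count.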

Go. Change. Your. Passwords. Now.
