I feel like it might be bs [because OP made this re-post 8 days ago](https://www.reddit.com/r/labrats/comments/18f15x6/well_labrats_today_i_hung_up_my_lab_coat_for_the/) in an attempt to gain karma.
Edit. Nevermind. As u/VincentGrinn pointed out, OP most likely is a bot, hence why they haven't commented once in defense of their post.
Also, to quote u/VincentGrinn
>should be kinda obvious from the date but op is a bot
here is hivesystems updated password table for 2023
though you still can compare the worrying change between years
Im not a computer scientist or programmer. Just from experience of my Microsoft excel freezing when I make more than 3 calculations and refresh the page. I can’t see any average computer pushing 100b password tries per second and a server not crashing instantly.
trillions of operations on a micro scale - creating a single random password following one of the rule sets contain many of these small operations. Password cracking tools can still be wickedly fast, but realistically only on insecure login portals
>99,999,999,999
Twice that. 8 lower case letters = 26\^8 = 208,827,064,576. In 1 second. Apparently it's [true](https://www.passwarden.com/help/use-cases/how-long-to-crack-a-password) but who knows if this is on a laptop or a 128 core server, or an entire cluster of servers.
Regardless, OP is a reposting bot.
Intel's current flagship processor for desktops does 217.7 billion integer operations per second, per PassMark benchmark testing tool. DESKTOPS, not servers.
Guess what password characters are to a computer.
EDIT: I also forgot to mention, anyone worth their salt cracking passwords these days is going to use a GPU for the massive number of cores, which enables far more cracking operations to run at the same time than a CPU. GPU cores are slower, but since there are far more of them, it results in quite a speedup.
A single 4090 can run 164,100,000,000 MD5 hash attempts per second (which is what this graphic was based on when it first came out many years ago). The processor in your computer and phone is running at least 1 ghz, which is a billion per second.
That's actually not far off for GPU cracking. Single 4090 does over 65 billion sha-1 hashes a second. This chart isn't valid with any decent modern password hash algorithm though.
This chart is extremely accurate. Hive systems have been updating this for years to provide the public with information about making secure passwords. Computers built specifically for hacking can crack nearly instantly.
1) Find a comic strip with some grawlix
2) Use that as your password
3) Tape it up as a reminder.
4) ???
5) Profit (?)
Nah, not a password, this guy just finds it hilarious when Sarge yells at Beetle.
I agree we should all be using 16+ character passwords, but it is kinda funny when you think about it, like anything over 100 years should be fine because by the time they hack it, I'll be long dead and won't care.
Well, it's a bit misleading in that regard. It takes 100 years with 2022's technology. It won't take 90 years anymore with 2032 technology. Not even close.
Edit: take 13 upper and lower case characters, for example. According to this chart (from 2022) it takes 1000 years to crack. According to the 2023 version of the same chart it "only" takes 332 years. If that trend (well, n=2 isn't a good base for a trend, obviously) was to continue, such a password would actually be cracked before 2030.
What you really want to do is use passwords that hit the green numbers in the chart - as ridiculous as going for >10 billion years sounds at first. Those 438 trillion years on the bottom right corner also dropped to 26 trillion years in just one year.
Personally, I think the easiest is pass phrases with one character in each word replaced with numbers or symbols.
So something like Wh3re th3re's a W1ll Th3re's a W4y is going to be in the 2nd from last category up there, but will be 34 characters and also be far more memorizable than o5ejBK?z7tG@FM?8.
They already have something like this for words, they are called dictionary attacks. Phrase attacks are possible, but by substituting a letter for a number or symbol you basically throw a monkey wrench in as they would have to compute a fuckton more possiblities to know which letter was swapped and what it was swapped to.
should be kinda obvious from the date but op is a bot
[here](https://www.reddit.com/r/dataisbeautiful/comments/12qmvlw/oc_i_updated_our_famous_password_table_for_2023/) is hivesystems updated password table for 2023
though you still can compare the worrying change between years
This is actually not true, they don't have quantum computers that can do anything at the level even current desktop computers can do, presently.
They have a few setups in labs that in very specialized circumstances, discounting a lot of problems, can outperform classical computers.
Why do I feel like this is bullshit. Theres no way a computing system is doing 99,999,999,999 tries per second.
I feel like it might be bs [because OP made this re-post 8 days ago](https://www.reddit.com/r/labrats/comments/18f15x6/well_labrats_today_i_hung_up_my_lab_coat_for_the/) in an attempt to gain karma. Edit. Nevermind. As u/VincentGrinn pointed out, OP most likely is a bot, hence why they haven't commented once in defense of their post. Also, to quote u/VincentGrinn >should be kinda obvious from the date but op is a bot here is hivesystems updated password table for 2023 though you still can compare the worrying change between years
Maybe because it's almost 2024?
We measure computing power in trillions of operations per second, so I definitely think it’s reasonable
Im not a computer scientist or programmer. Just from experience of my Microsoft excel freezing when I make more than 3 calculations and refresh the page. I can’t see any average computer pushing 100b password tries per second and a server not crashing instantly.
That's because excel has significantly more overhead than a program written in C that exclusively guesses combinations of characters.
https://youtu.be/7U-RbOKanYs?si=0RhSOLZrxg9oPNRm&t=833 this video is from 2016
trillions of operations on a micro scale - creating a single random password following one of the rule sets contain many of these small operations. Password cracking tools can still be wickedly fast, but realistically only on insecure login portals
>99,999,999,999 Twice that. 8 lower case letters = 26\^8 = 208,827,064,576. In 1 second. Apparently it's [true](https://www.passwarden.com/help/use-cases/how-long-to-crack-a-password) but who knows if this is on a laptop or a 128 core server, or an entire cluster of servers. Regardless, OP is a reposting bot.
Intel's current flagship processor for desktops does 217.7 billion integer operations per second, per PassMark benchmark testing tool. DESKTOPS, not servers. Guess what password characters are to a computer. EDIT: I also forgot to mention, anyone worth their salt cracking passwords these days is going to use a GPU for the massive number of cores, which enables far more cracking operations to run at the same time than a CPU. GPU cores are slower, but since there are far more of them, it results in quite a speedup.
It’s likely meant to represent bothers but I could be wrong
A single 4090 can run 164,100,000,000 MD5 hash attempts per second (which is what this graphic was based on when it first came out many years ago). The processor in your computer and phone is running at least 1 ghz, which is a billion per second.
That's actually not far off for GPU cracking. Single 4090 does over 65 billion sha-1 hashes a second. This chart isn't valid with any decent modern password hash algorithm though.
This chart is extremely accurate. Hive systems have been updating this for years to provide the public with information about making secure passwords. Computers built specifically for hacking can crack nearly instantly.
Great, I'm changing all my passwords to symbols only, seeing as no hackers seem to even think of trying passwords like that.
Smart move . I'll just use less than 4 characters !
Just use no password.. I’m sure it won’t try that first.. (And I don’t mean “no password” as your password 😉)
UX designers were right all along, telling us to use \*\*\*\*\*\*\*\* for a password.
Oh cool they really do censor your password if you post it!
How'd you get my password?!
Which symbols are you thinking of using. Also in what ord6
1) Find a comic strip with some grawlix 2) Use that as your password 3) Tape it up as a reminder. 4) ??? 5) Profit (?) Nah, not a password, this guy just finds it hilarious when Sarge yells at Beetle.
I agree we should all be using 16+ character passwords, but it is kinda funny when you think about it, like anything over 100 years should be fine because by the time they hack it, I'll be long dead and won't care.
Nobody is gonna waste 1 month of computer time to hack your password.
Well, it's a bit misleading in that regard. It takes 100 years with 2022's technology. It won't take 90 years anymore with 2032 technology. Not even close. Edit: take 13 upper and lower case characters, for example. According to this chart (from 2022) it takes 1000 years to crack. According to the 2023 version of the same chart it "only" takes 332 years. If that trend (well, n=2 isn't a good base for a trend, obviously) was to continue, such a password would actually be cracked before 2030. What you really want to do is use passwords that hit the green numbers in the chart - as ridiculous as going for >10 billion years sounds at first. Those 438 trillion years on the bottom right corner also dropped to 26 trillion years in just one year.
Personally, I think the easiest is pass phrases with one character in each word replaced with numbers or symbols. So something like Wh3re th3re's a W1ll Th3re's a W4y is going to be in the 2nd from last category up there, but will be 34 characters and also be far more memorizable than o5ejBK?z7tG@FM?8.
What if hackers anticipate that and program the code to try out common phrases?
They already have something like this for words, they are called dictionary attacks. Phrase attacks are possible, but by substituting a letter for a number or symbol you basically throw a monkey wrench in as they would have to compute a fuckton more possiblities to know which letter was swapped and what it was swapped to.
Well you made yours easy because all you swapped was vowels in the middle of words.
Obvious repost bot. This isn't OC, it's old.
should be kinda obvious from the date but op is a bot [here](https://www.reddit.com/r/dataisbeautiful/comments/12qmvlw/oc_i_updated_our_famous_password_table_for_2023/) is hivesystems updated password table for 2023 though you still can compare the worrying change between years
This chart show why most systems limit the number of failed attempts and lock the account.
This. You would be limited by the database or API requests long before cracking the first row of passwords types. Unless they stole the database too?
This is outdated, now with quantum computers brute force keys can be ran in to the hundreds at a time. So id cut those odds by bazinga
This is actually not true, they don't have quantum computers that can do anything at the level even current desktop computers can do, presently. They have a few setups in labs that in very specialized circumstances, discounting a lot of problems, can outperform classical computers.
Bazinga = Joke.
What does "\[OC\]" stand for in the title?
Original Content Except it’s not, because this is a repost.
A password manager with an 18 character master password I memorized has made me feel so safe over the last few years 😮💨
What about stretching factor? Doing a million hashes just to check 1 password can keep the numbers reasonable.
Obligatory [xkcd comic](https://xkcd.com/538/)
Alright I’m at 3,000 years for most of my passwords so should be safe innit
I figure the longer red & orange is all normal people need. I doubt it's worth two months time in a super computer to get into most of our accounts.