Evolution Posted October 6, 2010 Share Posted October 6, 2010 I was wondering which is considered more secure out of the two? e.g. Hellomynameisjohnsmith vs. G8dB$_g87hgd* Are most dictionary attacks just single words? Do most brute force attempts only trying letters due to the enormous number of possibilities? Link to comment Share on other sites More sharing options...
Nagisan Posted October 6, 2010 Share Posted October 6, 2010 Probably the longer one as long as its not as easy to guess as your example. Brute force attacks are most likely to work when they try every combination of upper and lower case letters, and all numbers and symbols. But, at the same time, those take the longest to try. So if no one knows how long your password is and its 20 characters, even if its only letters, their brute force will generally try everything from 1 to 20 characters of all letters upper AND lower case, as well as numbers and symbols, which will take MUCH longer to get then if it tries the same thing for only 8 characters. As long as no one knows how long your password is and what it consists of (such as only letters), the longer the password the better protected it is from brute force attacks. According to http://howsecureismypassword.net/ Hellomynameisjohnsmith = 179 Sextillion years G8dB$_g87hgd* = 7 Billion years EDIT: But, it shouldn't be easily guessable like the example you gave if someone knows John Smith. Link to comment Share on other sites More sharing options...
Recommended Posts