Image source: stock.xchng
With the recent media showcase on the hacking antics of the very 2 prominent groups Lulzsec and Anonymous, some of us here may wonder, “How safe am I actually?” “Is my password secure?”.
The main thing to password strength is a combination of length and entropy, which is a fancy way of measuring randomness in a password.
Despite this, even if you have the world’s most awesome hard to remember super password like “$%#SMVrt43TGt09%^^#@342608$@#%SDFY” which requires you to roll your face over your keyboard in the same pattern each time, I believe many of us fall into the very easy trap of using ONE single password for many of the websites we log on to. Just think about it, Facebook, Twitter, Gmail, Yahoo!, random internet forums, your bank account, your blog, Photobucket, etc etc…
This following webcomic should pretty much sum up the dangers of such a practice.
And if that is not enough to scare you, a recent article over at Tom’s and PC Pro tells us of the possibilities of using our GPUs to crack a password. A CPU such as the core i5-2500k (recommended in our previous build a PC post) can churn out about 28 million passwords per second for a brute force attack, where a hacker just tries every possible combination of text and numbers. A gamer with a recent GTX or Radeon card with either Nvidia’s CUDA or AMD’s Stream GPGPU cores can utilize those cores on the GPU which are optimized for parallel computing to break passwords at a blazing speed. The TL;DR version is a decent graphics card, or worse, in SLI/Crossfire can churn out passwords at a rate of over a billion passwords per second. The Whitepixel project running 4x HD5970s is already pushing 33.1 billion passwords per second!
So how do I protect myself then? Stay tuned for our follow up post!