Why Your Password Is Less Safe Than Ever
Advances in cracking technology and reuse of passwords leaves users vulnerable
By Kevin Spak, Newser User
Posted Aug 21, 2012 2:37 PM CDT
Your password is less safe than ever.   (Shutterstock)

(Newser) – Once upon a time, hackers tried to guess passwords using a list of words cobbled from a dictionary and fairly feeble computers. Back then, the one password you're using for all your sites was probably pretty safe. But that's not the case anymore, reports Ars Technica, citing huge changes in just the last five years. "It has been night and day, the amount of improvement," says one professional cracker. By using a graphics card's processing power, a modern PC can now try 8.2 billion passwords a second, a speed once achievable only with a supercomputer.

More importantly, a 2009 attack against RockYou.com yielded 32 million passwords, allowing hackers to replace their dictionary-generated lists with words people were actually using, while revealing common strategies like replacing "e" with "3" or capitalizing the first letter. And because people are increasingly using just a few passwords for many sites, each breach exposes users across a host of platforms. To protect yourself, security experts suggest using a different, randomly-generated password on every site, tracking them with a password program.

More From Newser
My Take on This Story
To report an error on this story,
notify our editors.
Why Your Password Is Less Safe Than Ever is...
Show results without voting
You Might Like
Showing 3 of 20 comments
Nov 15, 2012 11:54 AM CST
Where's McAfee when you need him?
Aug 21, 2012 10:47 PM CDT
After having working for a company with strict password requirements (12 character minimum; must use lowercase, capital, number, and symbol; must change every month), my strategy is now to type randomly into Notepad and use that as a password. Then you use muscle memory to remember it rather than memorizing the characters. ... and this article gives yet another reason to use two-factor authentication whenever the option is available (Gmail & Facebook). It's a pain in the ass, but if someone gets into either of those, they have basically any personal information they want and can easily use social engineering attacks to ruin your life.
Aug 21, 2012 10:35 PM CDT
What about security questions, along with user name, I. D., and pin ? You know, the name of your favorite High School teacher.