🌐
TechRepublic
techrepublic.com › home › how much time does it take for hackers to crack my password?
How Much Time Does it Take for Hackers to Crack My Password?
February 13, 2025 - For example, a seven-character password with letters, numbers, and symbols would take seven minutes to crack in 2020 but only four seconds in 2023. Given these technological advances, how can you and your organization better secure your ...
🌐
PasswordMonster
passwordmonster.com › home
Password Strength Meter
March 3, 2022 - Try to make your passwords a minimum of 14 characters. A passphrase is simply a password, that’s longer, it could be a sentence, with spaces and punctuation in it. The benefit of a passphrase is that typically they’re easier to remember, but more difficult to crack due to their length.
Discussions

The Time it Takes to crack a Password Visualized - Water Cooler - Spiceworks Community
Saw this on Reddit, figured it would be a good share here too. Maybe @jimmy-t ​ can include it in the next SOC On a related note, I keep finding OMFG’s!!! left behind by the former Network Admin…such as no account lockout threshold being set. More on community.spiceworks.com
🌐 community.spiceworks.com
88
September 1, 2020
I updated our password cracking table for 2025
12 RTX 5090s to crack my password for an iTunes account from 10 years ago? Be my guest. More on reddit.com
🌐 r/pcmasterrace
1472
21919
April 29, 2025
security - Estimating Password Cracking Times - Stack Overflow
I was wondering whether there is a definitive/standard way to estimate password cracking times and if so, how is it calculated. ... Can you please state your source so we can argue better? Password cracking has been there since, well... More on stackoverflow.com
🌐 stackoverflow.com
Time required to brute-force crack a password depending on password entropy (strength) [OC]
Edit: Here's one with the authorship more discreet. Sorry, I had no idea this post would get so many views! Probably some of you might like this version to show to your boss or something. In case you're wondering how many attempts per second an attacker would realistically have, a PC with a few thousand dollars worth of graphics cards can brute-force hundreds of billions of password possibilities per second, as this 2012 Ars Technica article reveals. God knows what sort of power an entire nation state's intelligence agency could muster. My chart goes up to 100 trillion. Anyway, this is my first real attempt at data visualization, so I apologize if I've committed any cardinal sins. Constructive criticism is certainly welcome! EDIT: Forgot to mention, the passphrase entropy in my chart was based on the popular Diceware system. But passphrases more generally still operate with the same mathematical formula of entropy = log2(S^L), but S will be the size of the dictionary from which your passphrase is derived (Diceware uses a dictionary of 7776 words, for example) instead of being the number of characters. But it's worth noting that the length (in words) used in the passphrase is usually mathematically far more pertinent than the precise size of the word dictionary. For example, a 5-word Diceware passphrase has an entropy of about 64: log2(7776^5), but a 4-word passphrase from a much larger dictionary of 100,000 words has only 2 more entropy than that: log2(100000^4). It's also important to emphasize that this entire chart is only applicable if the characters (or words, in the case of passphrases) are chosen at random. For example, the 20-character password peanutbutterandjelly does not have the same entropy as a password made up of 20 randomly chosen lowercase characters. 20 random lowercase characters have an entropy of 94, but if peanutbutterandjelly was chosen as a passphrase from Diceware, it would have 60 entropy.
The letters contained in written English are not random; there are patterns and mathematical shortcuts that can be taken to dramatically reduce the entropy of written English compared to a random series of letters of the same length. More on reddit.com
🌐 r/dataisbeautiful
93
425
February 26, 2015
🌐
Bitwarden
bitwarden.com › password-strength
Password Tester | Test Your Password Strength | Bitwarden
Using long passwords is critical to password strength. An 8-character password will take anywhere from a few minutes to a couple of hours to crack, while a 16-character password will take a hacker a billion years to crack.
🌐
Hive Systems
hivesystems.com › blog › are-your-passwords-in-the-green
The 2025 Hive Systems Password Table Is Here - Passwords Are Easier to Crack Than Ever
October 3, 2025 - If that were true, it would mean the stolen LastPass hashes were cracked in just 2.5 years which is BAD NEWS.💀 · Good call again! Our current password table used bcrypt for it, but let’s reset the table to look at the hashing algorithm ...
🌐
Oberlin College
oberlin.edu › cit › bulletins › passwords-matter
BeCyberSmart: How Fast Can a Hacker Break YOUR Password? | Oberlin College and Conservatory
October 10, 2023 - This creates a longer password that’s harder to crack but can still be memorable. Avoid common words and phrases: Steer clear of using easily guessable passwords like “password”, “123456”, or “qwerty”. These are often the first options cybercriminals try. Update regularly: Change your ...
🌐
IT Security Guru
itsecurityguru.org › home › time taken for hackers to crack passwords revealed
Time Taken For Hackers to Crack Passwords Revealed - IT Security Guru
May 18, 2023 - This will buy you 3 years. If your password is 11 characters long and follows the same creation method, then it will take 279 years – unfortunate but an issue for the many generations that precede you.
🌐
Keeper Security
keepersecurity.com › home › how long would it take a cybercriminal to crack my password?
How Long Would it Take a Cybercriminal to Crack My Password?
August 29, 2025 - Using these programs, cybercriminals can crack your passwords and get into your accounts in a matter of seconds, minutes, hours, days or years, depending on how complex your passwords are.
🌐
Caltech
imss.caltech.edu › services › security › recommendations › passwords › password-table
Password Table - Information Management Systems and Services
IMSS / Services / Information Security / Information & Recommendations / Password Guidelines / Password Table ... This table illustrates the time it might take a hacker to crack your password, depending on the length and complexity. Be sure to choose a long, complex, and unique password.
🌐
Securelist
securelist.com › password-brute-force-time › 112984
How quickly can attackers guess your password? | Securelist
July 2, 2024 - Most of these passwords in the sample under review are difficult to brute-force. About 5% can be guessed within a day, but 85% of this type of passwords take more than a year to work out.
🌐
Autoriteit Persoonsgegevens
autoriteitpersoonsgegevens.nl › home › current
Tech blog post: is your password easy to crack? | Autoriteit Persoonsgegevens
November 2, 2023 - If you want to know why this is the case, read the text box below. Mathematical framework The time required for cracking a password is proportionate to the total number of possible passwords. We call this the password space.
🌐
Statista
statista.com › topics › security software
Chart: How Safe Is Your Password? | Statista
December 1, 2021 - When using at least one upper case letter and one number, an eight-character password now would take a computer 1 hour to crack. Add another symbol and it takes eight. To make a password truly secure, even more characters or more than one uppercase ...
🌐
Tech.co
tech.co › home › cybersecurity › how long does it take for a hacker to crack a password?
How Long Does It Take for a Hacker to Crack a Password? 🤔
July 14, 2023 - Uniqueness is vital, as is finding a secure place to store your passwords. ... As you can see from the above table, there are two main factors that affect password cracking: length and complexity. The shorter your password, the less time it’ll take to crack.
🌐
Spiceworks
community.spiceworks.com › water cooler
The Time it Takes to crack a Password Visualized - Water Cooler - Spiceworks Community
September 1, 2020 - Saw this on Reddit, figured it would be a good share here too. Maybe @jimmy-t ​ can include it in the next SOC On a related note, I keep finding OMFG’s!!! left behind by the former Network Admin…such as no account lockout threshold being set.
🌐
Reddit
reddit.com › r/pcmasterrace › i updated our password cracking table for 2025
r/pcmasterrace on Reddit: I updated our password cracking table for 2025
April 29, 2025 - Really good question! Anything under 15 minutes has been marked instantly since that's the lock out time for most systems/apps (aka the super danger window) Continue this thread ... Neat!
🌐
CloudNine
cloudnine.com › home › ediscoverydaily › electronic discovery › how long will it take to crack your password?: cybersecurity trends
How Long Will it Take to Crack Your Password?: Cybersecurity Trends - CloudNine
February 12, 2020 - You’d better use more than seven characters or it will take no more than 3 hours to crack your password; Even with eight characters, it could still take as few as ten days; If you add in symbols, then a seven character password could still ...
🌐
Quora
quora.com › How-long-does-it-take-to-crack-down-a-password-Mine-has-almost-taken-24-hours-and-it-has-not-yet-cracked-down-the-password
How long does it take to crack down a password? Mine has almost taken 24 hours, and it has not yet cracked down the password. - Quora
Answer (1 of 9): It depends. I’ve used John the Ripper, which uses wordlists with permutations. Given an unshadowed Unix password file, it will try permutations of the personal name and username, words in the list, l33t-sp33k substitutions, suffixes etc. So if the account is John Doe i...
Top answer
1 of 1
3

assuming only brute-force methods are being used

That is almost never the case; all semi-professional crackers use a combined method. For checker sites, however, the implementation can differ... Usually they will implement a simple client-side JS-based checker, which can use statistics produced (dictionary word or differs only slightly? length? char-set? -> you have the answers for all of that).

Possibly the best way of implementation:

  1. Has the password (and hash) been on the most commonly used passwords lists or leaked already, hence been commonly tested by crackers? Also, famous xkcd 1 and 2.

  2. If not, what is the complexity (character set, special chars, etc.) and therefore the entropy of the password? Where does it end up on the category of passwords complexity and pre-estimated cracking time?

Finally, password cracking is cheap: there are services to rent, and the 2019 cost estimates are here using AWS and hashcat. In hashcat or John the Ripper, you will see exactly the strategies they implement, e.g. starting off with your dictionary of choice (e.g. use a dict from a specific language - if for instance the adversary got hold of a Spanish website's hashed password database - and the tools will use typical replacements of o->0, a->4 etc., add short words, add numbers (e.g. dates) before and after, so exploiting all the human elements really). Users have been conditioned (really wrongly) to choose a word and make it more "complex" by adding a few numbers and some special chars at the beginning/end. But it's been long known that length beats complexity.

Here is another great explanation from a famous security expert/researcher on the exact same topic.

For the site mentioned specifically, if you check the source of the webpage, there is currently a specific JS asset, that you can put into a beautifier.

view-source:https://howsecureismypassword.net/app.60d36fdc.js

It's 12k lines, so I cannot really post the code, but for some time here is the beautified version on pastebin.
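
The two-step check outlined in the answer above, combined with the entropy = log2(S^L) formula from the r/dataisbeautiful post, as an added example; it is not code from the answer or from the site's JS asset. The function names, the five-entry sample list and the default rate of 1e11 guesses per second are assumptions made for illustration.

```javascript
// Step 1 data: constructed sample list; a real checker would load a leaked-password corpus.
const COMMON = new Set(["password", "123456", "qwerty", "letmein", "dragon"]);
// Substitutions that cracking rule sets routinely undo (o->0, a->4, ...).
const LEET = { "0": "o", "4": "a", "3": "e", "1": "l", "5": "s", "$": "s", "@": "a" };

const deLeet = (s) => s.replace(/[04315$@]/g, (c) => LEET[c]);
// Drop digits/symbols bolted onto the front or back of a word (dates, "!").
const stripAffixes = (s) => s.replace(/^[^a-z]+|[^a-z]+$/g, "");

// Step 1: is the password a listed word, possibly with the usual human decorations?
function isListed(pw) {
  const lower = pw.toLowerCase();
  return [lower, deLeet(lower), deLeet(stripAffixes(lower))].some((c) => COMMON.has(c));
}

// Step 2: alphabet size S inferred from the character classes present.
function charsetSize(pw) {
  let s = 0;
  if (/[a-z]/.test(pw)) s += 26;
  if (/[A-Z]/.test(pw)) s += 26;
  if (/[0-9]/.test(pw)) s += 10;
  if (/[^a-zA-Z0-9]/.test(pw)) s += 33; // printable ASCII symbols including space
  return s;
}

// entropy = log2(S^L) = L * log2(S). S is the alphabet size for random characters,
// or the word-list size (e.g. 7776 for Diceware) when L counts words.
const entropyBits = (length, symbols) => length * Math.log2(symbols);

function estimate(pw, guessesPerSecond = 1e11) { // rate is an assumed default
  if (pw.length === 0 || isListed(pw)) return { verdict: "listed", bits: 0, seconds: 0 };
  const bits = entropyBits(pw.length, charsetSize(pw));
  // An exhaustive search succeeds on average after half the space: 2^(bits-1) guesses.
  return { verdict: "brute-force", bits, seconds: 2 ** (bits - 1) / guessesPerSecond };
}

// The brute-force figure is an upper bound that holds only for randomly chosen
// characters: "peanutbutterandjelly" scores ~94 bits here although it is a phrase.
console.log(estimate("P4ssw0rd2024!"), estimate("peanutbutterandjelly"));
```

The second result shows why a character-class estimator alone overstates strength: it credits a 20-letter English phrase with the entropy of 20 random lowercase letters.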

🌐
Security.org
security.org › home › how secure is my password? | password strength checker
How Secure Is My Password? | Password Strength Checker | Security.org
October 14, 2020 - For example, the password “f0JB^B5sjmXl” would take a computer 34,000 years to crack. For more information on password security and hygiene, we’ve answered the questions we get the most often.
🌐
BeyondTrust
beyondtrust.com › home › resources › blog › password cracking 101: attacks & defenses explained
Password Cracking 101: Attacks & Defenses Explained | BeyondTrust
May 2, 2024 - Password crackers can try passwords at a slow, measured pace to avoid triggering account lockouts on individual accounts. If a password cracker only tries one password every 10 minutes per account, 100,000 passwords will take a long time.