Password complexity and why it matters
Password length and complexity are particularly effective against brute-force attacks and rainbow tables. In a brute-force attack, a system tries combinations of passwords until one works. This is where password length is supremely important. Each additional character multiplies the number of candidates by the size of the character set, so the work factor of a brute-force attack grows exponentially with length. Using a baseline of 15 million key attempts per second, a brute-force system could crack a seven-character password in less than 10 minutes. A 13-character password using the same system would take well over 300,000 years. As computing power continues to improve, those time frames continue to come down, but longer passwords remain exponentially better than shorter ones. Adding three characters to every password the next time you change it will significantly reduce the risk of a successful brute-force attack.
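The work-factor arithmetic above can be checked with a short calculator. This is an added example, not part of the original article; the character-set sizes (26, 36 and 95 symbols) are assumptions, since the article does not say which set its figures use, and the times are worst-case exhaustive search at the article's 15 million attempts per second.

```python
GUESSES_PER_SECOND = 15_000_000          # baseline rate quoted in the text
SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Assumed character sets; the article does not state which one its figures use.
ALPHABETS = {"lowercase": 26, "lowercase+digits": 36, "printable ASCII": 95}


def keyspace(alphabet_size, length):
    """Number of distinct passwords of exactly `length` characters."""
    return alphabet_size ** length


def worst_case_seconds(alphabet_size, length, rate=GUESSES_PER_SECOND):
    """Seconds to try every candidate of this length (average case is half)."""
    return keyspace(alphabet_size, length) / rate


def min_length(alphabet_size, target_years, rate=GUESSES_PER_SECOND):
    """Shortest length whose exhaustive search lasts at least `target_years`."""
    needed = target_years * SECONDS_PER_YEAR * rate
    length = 1
    while keyspace(alphabet_size, length) < needed:
        length += 1
    return length


def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    for name, span in (("years", SECONDS_PER_YEAR), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= span:
            return f"{seconds / span:,.1f} {name}"
    return f"{seconds:.1f} seconds"


if __name__ == "__main__":
    for label, size in ALPHABETS.items():
        for length in (7, 10, 13):
            print(f"{label:>17} len={length:2d}  "
                  f"{humanize(worst_case_seconds(size, length))}")
        # Three extra characters multiply the attacker's work by size**3.
        print(f"{label:>17} +3 chars => x{size ** 3:,} work; "
              f"300,000-year floor needs length {min_length(size, 300_000)}")
```

Under these assumptions, seven lowercase characters fall in under ten minutes, while 13 characters drawn from 36 symbols exceed 300,000 years at the same rate.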
A rainbow table attack is an attack against commonly used passwords. Passwords are not stored as...