Skip to content
All posts

Password length and 2FA




How confident are you in the security of your passwords? Do you believe that longer passwords are always synonymous with increased security? Well, it's time for a frank discussion about the importance of password security.

Recent research has uncovered a rather disconcerting truth – even passwords with a robust 15-character length can fall prey to compromise. Yes, you read that correctly. It's time to confront the harsh reality that length doesn't always equate to strength.

Surprisingly, the eight-character password remains the most commonly compromised password length. However, if you're relying on a longer password, don't let your guard down just yet. The 15-character password also finds its place among the top ten most compromised lengths.

You might wonder, "How can this be?" The answer lies not solely in the password's length but also in its composition and whether you employ the same password across multiple platforms.

The most frequently compromised eight-character password happens to be the rather unimaginative "password" itself, while the most compromised 15-character password is "Sym_newhireOEIE."

Doesn't exactly inspire confidence, does it?

This isn't a concern limited to individuals alone. Businesses, just like yours, face substantial risks. An alarming 86% of all cyberattacks initiate with stolen credentials, nearly nine out of ten attacks. Can you afford to be complacent?

Indeed, longer passwords do provide greater resistance to brute force cracking. An eight-character password can be cracked in a mere five minutes, while a robust 15-character one, devoid of obvious patterns (i.e., a random combination of various characters), might withstand an astonishing 37 million years of attempts. Quite impressive, isn't it?

However, remember that this is just one aspect of the overall security landscape. Length alone cannot safeguard you from the threat of stolen credentials via phishing attacks.

To fortify your security, consider employing a robust business password manager. It not only generates lengthy, random passwords for you but also securely stores and autofills them in login fields.

Furthermore, implementing two-factor authentication, where you generate a code on a separate device to verify your identity, adds an extra layer of protection. Even if cybercriminals manage to crack your password, they won't gain access to your data.

If you would like help in bolstering your business's security posture, don't hesitate to reach out to Black Bear MSSP. Your security is our priority.