how insecure is my short password really?
- by rika-uehara
Using systems like TrueCrypt, when I have to define a new password I am often informed that using a short password is insecure and "very easy" to break by brute-force.
I always use passwords of 8 characters in length, which are not based on dictionary words, which consists of characters from the set A-Z, a-z, 0-9
I.e. I use password like
sDvE98f1
How easy is it to crack such a password by brute-force? I.e. how fast.
I know it heavily depends on the hardware but maybe someone could give me an estimate how long it would take to do this on a dual core with 2GHZ or whatever to have a frame of reference for the hardware.
To briute-force attack such a password one needs not only to cycle through all combinations but also try to de-crypt with each guessed password which also needs some time.
Also, is there some software to brute-force hack truecrypt because I want to try to brute-force crack my own passsword to see how long it takes if it is really that "very easy".