Unexpectedly Intriguing!
17 June 2022

How long would it take someone who has no idea what your password is but who has a lot of computational capability to crack it using brute force?

By brute force, we mean using their code-cracking computer systems to systematically run through all the possible permutations of characters that may be in your password. Which for all they know, may be anywhere from 1 to 22 characters long.

For their part, cybersecurity specialists Hive Systems put the following chart together to show how long that might take a well-equipped independent hacker. Or rather, one with the code-cracking technology Hive's analysts believe is already available to them in 2022.

But what about tomorrow's technology? What about passwords with more than 18 characters? What if you could use more kinds of characters?

Answering questions like those is why we created the following tool, which we built after reverse-engineering the results from Hive Systems' table. If you're reading this article on a site that republishes our RSS news feed, please click through to our site to access a working version.

Input Data Values
How many different kinds of characters can be used in your password?
How many billion attempts per second can a hacker's system use to crack your password?

Calculated Results Values
Time Needed to Crack Password Using Computational Brute Force

Here's an article discussing the math behind the tool. The default of 95 kinds of characters represents the 10 numbers, 26 lower case letters, 26 upper case letters and 33 special characters available on most U.S. English keyboards. If you play with these figures, you should be able to reasonably duplicate the results from Hive Systems' chart. Within a relatively small margin of error, that is.

The tool is also computationally limited in how many characters might be in a password, to avoid exceeding JavaScript's computational limits. We've arbitrarily limited the potential passwords to be a maximum of 20 characters, which works for 95 kinds of characters, but may not for larger potential character sets. If you get results that seem haywire for the numbers you've entereed, odds are you've run into that computational limit.

But the thing we're most leery of in building the tool is that we set "billions" as the basic unit for entering the number of attempts per second for the hacker's password cracking system. How long will it be before that seemingly large number becomes unreasonably small?

Labels: ,

Welcome to the blogosphere's toolchest! Here, unlike other blogs dedicated to analyzing current events, we create easy-to-use, simple tools to do the math related to them so you can get in on the action too! If you would like to learn more about these tools, or if you would like to contribute ideas to develop for this blog, please e-mail us at:

ironman at politicalcalculations.com

Recent Posts

Indices, Futures, and Bonds

Closing values for previous trading day.

Most Popular Posts
Quick Index

Site Data

#### JavaScript

The tools on this site are built using JavaScript. If you would like to learn more, one of the best free resources on the web is available at W3Schools.com.