By rolling dice, users can create passwords that even supercomputers would take nearly 3,000 years to crack.
Choosing a password for personal accounts such as email, bank accounts, and social media is akin to selecting a lock to safeguard your treasures.
If that lock is outdated or too simple, you risk losing your assets to hackers.
For personal accounts like Gmail, Facebook, Instagram, etc., the best advice is to use strong passwords to protect your accounts from unauthorized access and use.
Password Cracking Principles
In 2022, cybersecurity researchers from Cybernews and password management company NordPass released a report on the most commonly used passwords on the Internet.
Speaking to Gizmodo, Cybernews noted that the most common passwords are often easily memorable character strings such as “123456”, “root”, “admin”…
Hackers can crack common passwords of average users in less than a second. (Image: NordPass).
Many users even use the names of celebrities as passwords, such as “messi”, “ronaldo”, “gaga”, “eminem”…
NordPass reported that the majority of passwords are single words, making them very easy to crack. With just a little knowledge of common passwords, malicious actors can easily guess these simple passwords without needing complex hacking tricks.
Even the names of famous companies are used as passwords, increasing the risk of unauthorized access.
Currently, most passwords are protected by hashing so that no one can trace back to the original characters.
However, unlike encryption, a hashing algorithm always produces the same output for the same input. For example, whenever a given hash function is applied to the keyword “ant”, it returns the same string.
With today’s hardware power, hackers can crack short passwords composed solely of letters and numbers in moments using brute-force methods. (Image: StrongDM).
This weakness allows cybercriminals to easily spot the repeated hashes of common passwords.
Consequently, hackers employ brute-force methods. In this type of attack, the hacker continuously cycles through different character combinations until one matches the correct password, according to Mantas Sasnauskas, head of Cybernews’ research team.
With today’s hardware capabilities, most modern computers can crack short passwords made up of letters and numbers in just seconds.
Super Passwords That Even the Fastest Computers Cannot Crack
A strong password is not just a little-known word; it must also contain many characters and punctuation, increasing the difficulty for hackers.
The more complex the password, the more jumbled characters and the greater variety of content it contains. Jumbled characters create noise in the data, making the password harder to crack using brute-force methods.
From this principle, an 11-year-old girl, Mira Modi, from New York City, came up with the idea to launch a service that generates randomly created passwords through dice rolls.
By using dice, users can create a very strong password that is nearly impossible for hackers to crack. (Image: EFF).
Diceware is a method of generating passwords by using dice to select random words from a special list known as the Diceware Word List.
Specifically, the user rolls the dice and writes down the numbers; each number corresponds to a word in the Diceware List, and the words together form a random phrase that is still relatively easy to remember.
Modi’s mother, Julia Angwin, is an investigative journalist who won the Pulitzer Prize for journalism at ProPublica. She is also the author of a book on security and online freedom. She inspired Modi to pursue the idea of creating passwords with Diceware.
Since all phrases are randomly generated from the dice rolls, most technology experts agree that it will be very difficult for individual hackers to crack them using just one computer.
The crux of this method is that users should not modify the phrases after they have been selected. The passwords created from the dice rolls rely entirely on randomness, making algorithmic analysis impossible.
Common PCs today can attempt about 15 million passwords per second. Meanwhile, according to the EFF, the fastest supercomputer in the world can attempt about 92 trillion passwords per second.
The strongest supercomputers would still take nearly 3,000 years to crack a password generated from 5 rolls of dice. (Image: Wired).
Even if hackers have access to the list of phrases that users have used to create passwords, with a computer capable of attempting 15 million passwords per second, it would still take over 2,000 years to try every possible combination.
The fastest supercomputer in the world could crack the same password in an average of 1.5 hours.
However, if users roll the dice two more times to increase the length of the password, the cracking time rises to nearly 3,000 years even for the fastest supercomputer.
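The dice-to-word lookup and the exhaustive-search arithmetic described above, as an added Python example (not code from the article or from the Diceware project). The 36-word, two-dice sample list is constructed so the block runs offline, whereas a published Diceware list keys each of its 7,776 words by five rolls; the function names are illustrative, and the two guess rates are the figures quoted in the article.

```python
import itertools
import math
import secrets

PC_RATE = 15e6      # guesses/second, common PC (figure quoted in the article)
SUPER_RATE = 92e12  # guesses/second, fastest supercomputer (figure quoted in the article)

def load_wordlist(text):
    """Parse 'key<TAB>word' lines; reject lists that are incomplete or repeat a word."""
    table = dict(line.split("\t") for line in text.strip().splitlines())
    dice = len(next(iter(table)))
    expected = {"".join(k) for k in itertools.product("123456", repeat=dice)}
    if set(table) != expected:
        raise ValueError("word list does not cover every possible dice result")
    if len(set(table.values())) != len(table):
        raise ValueError("word list contains duplicate words")
    return table, dice

def roll(dice):
    """Simulate `dice` fair dice with the OS CSPRNG; physical dice work equally well."""
    return "".join(str(secrets.randbelow(6) + 1) for _ in range(dice))

def passphrase(table, dice, n_words):
    """Look up one word per roll and keep the result unmodified."""
    return " ".join(table[roll(dice)] for _ in range(n_words))

def entropy_bits(table, n_words):
    """Bits of entropy when every word is chosen uniformly from the list."""
    return n_words * math.log2(len(table))

def years_to_exhaust(table, n_words, rate):
    """Worst-case time to try every phrase when the attacker knows the list."""
    return len(table) ** n_words / rate / (365.25 * 24 * 3600)

# Constructed 36-word sample list (two dice per word), not a real Diceware list.
_WORDS = ("ant bee cat dog eel fox gnu hen ibis jay koi lynx "
          "mole newt owl pug quail ram seal toad urchin vole wasp yak "
          "zebra ape bat cod doe elk fly gull hare imp kiwi lark").split()
SAMPLE = "\n".join(f"{''.join(k)}\t{w}" for k, w in
                   zip(itertools.product("123456", repeat=2), _WORDS))

if __name__ == "__main__":
    table, dice = load_wordlist(SAMPLE)
    print(passphrase(table, dice, 6))
    print(round(entropy_bits(table, 6), 1), "bits")
    print(years_to_exhaust(table, 6, PC_RATE), "years at the PC rate")
```

Each added word multiplies the number of possible phrases by the size of the list, which is why a longer phrase raises the search time so sharply.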