How many characters does a password need to be truly secure?

Remember to regularly change your passwords. — AFP Relaxnews

The more characters in your password, the more difficult it is to crack. That’s why most online services now require passwords with at least eight distinctive characters (numbers, letters, special characters, etc). However, it’s even better to add a few more.

Cybersecurity specialist Hive Systems recently published a chart showing how long it takes to crack a password, depending on its number of characters and specific features. The chart indicates that eight-character passwords are only really effective if all kinds of different symbols are used. While it would take a hacker nine seconds to crack a four-character password containing numbers, upper and lower case letters, it would take seven years if it contained eight.

The biggest risk comes from using only numbers or letters. Here, even if you increase the number of characters, the risk of having your password hacked remains very high. For example, it will only take an hour for a hacker to find a ten-character password made up entirely of numbers. By increasing the number of characters to 14, it could take them up to a year.

In any case, as soon as you combine numbers, letters and symbols, you're making the "work" of pirates considerably harder. In such a scenario, mixing ten very distinct characters comprising numbers, upper and lower case letters and various symbols is quite safe, since it could then take hackers up to 33,000 years to figure out such a code!

In addition to choosing a complex password, you should opt for double authentication whenever possible, ie, go through an additional validation stage, often by text message, email message or via a special app, to be able to access your account.

That said, the subject of how to choose the best password could soon become obsolete, with the increasing use of passkeys. These digital access keys are in fact stored directly on the device and activated after the user has verified their identity through a PIN code, facial recognition or fingerprint authentication. As these keys are not stored online, they are far more complicated to hack. – AFP Relaxnews

Related stories:
Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News
MCMC publishes investigation report on prepaid SIM registration
Teens underwhelmed by France’s social media ban
Gladys West, unsung figure in development of GPS, dies at 95
SK Hynix's record quarterly profit smashes forecasts, sees explosive memory chip demand
CelcomDigi launches prepaid 5G Hyper and Power Internet passes, starting at RM30 for 50GB
Will the EU ban social media for children in 2026?
TikTok faces app deletions, censorship claims and glitches in days after its ownership change
ASML reports big orders beat as AI drives chipmaker demand, to lay off 1,700
Apple Watch's hypertension alert feature now available in Malaysia
SpaceX weighs June 2026 IPO at $1.5 trillion valuation, FT says

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.