/security

News and resources on cyber and physical threats to banks and fintechs worldwide.

Scammers can crack almost half of passwords in less than a minute

Scammers could crack 45% of passwords within a minute, using brute force or smart guessing attacks, warns security firm Kaspersky.

  5 Be the first to comment

Scammers can crack almost half of passwords in less than a minute

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

Kaspersky analysed the resistance of 193 million English passwords on the darknet, finding that 87 million could be cracked within 60 seconds. Another 14% could be cracked in under an hour while just 23% would be resistant enough to last more than a year.

The majority of passwords - - 57% - contain a word from the dictionary, which significantly reduces the passwords' strength. Many people use names, while others use popular words such as "love" and "gamer" while others use the likes of "password" and "12345".

Only 19% of all passwords contain signs of a strong combination - a non-dictionary word, lowercase and uppercase letters, as well as numbers and symbols. At the same time, 39% of such passwords could also be guessed using smart algorithms in less than an hour.

Kapersky warns that attackers do not require deep knowledge or expensive equipment to crack passwords. A powerful laptop processor will be able to find the correct combination for a password of eight lowercase letters or digits using brute force in just seven minutes. Modern video cards will cope with the same task in 17 seconds.

Yuliya Novikova, head, digital footprint intelligence, Kaspersky, says: "Unconsciously, human beings create ‘human’ passwords - containing the words from dictionary in their native languages, featuring names and numbers. Even seemingly strong combinations are rarely completely random, so they can be guessed by algorithms.

"Given that, the most dependable solution is to generate a completely random password using modern and reliable password managers."

Sponsored [Webinar] Unifying Card Programmes: The cost-reduction imperative

Related Company

Comments: (0)

[Webinar] 2025 Fraud Trends: Synthetic Identity, AI and Incoming MandatesFinextra Promoted[Webinar] 2025 Fraud Trends: Synthetic Identity, AI and Incoming Mandates