A new report published by the Georgia Institute of Technology says that eight-letter passwords are on the way out, soon to be replaced with 12-letter passwords. The reason? Researchers were able to crack all eight-letter passwords in about two hours using clusters of graphics. Swell.
For more on the joys of complicated passwords, keep reading.
According to researchers, it would take over 17,000 years to crack 12-character passwords if the same processing power was applied to the eight-letter password test. The researchers' recommendation was that 12-character passwords become standard practice over the eight-character versions we use on many sites today. I recently made it quite clear how I feel about complicated passwords for sites that don't carry high security risk or store sensitive information, so if my bank and credit card passwords require 12 characters, I'd be OK with relearning a password for additional security. However, if this "rule" were to carry over to the rest of the web, I don't know that I'd be a fan.
Perhaps we should just start requiring a thumbprint to sign in. I'd get behind that . . . at least I wouldn't have to remember another random 12-character password.