Brute-force hacking can crack an eight-character password in less than one hour, according to Hive Systems.
In a new research published today, the security risk services firm says any password with less than seven characters can be brute-forced "instantly." Its findings show how more accessible and affordable cloud computing services make it simpler to crack passwords than two years ago, when the company showed that a relatively strong, eight-character password was crackable in eight hours.
Password managers are the best bet for protecting passwords, according to Hive, which also found that a 12-character password created by a password manager could take some 3,000 years to brute-force crack. Hive also published a password table of its findings on password-character combinations and their vulnerabilities to brute-force hacks.