Do not use a
password that
consists of only
numbers. You may be like,
ha! ha! nobody would ever guess this random string of numbers *
stupid grin*.
Well guess what, it doesn't take very long at
brute force crack an all number password.
At my college for instance the default password for users accounts is your student number. To make a long story short I found a nice way to
brute force crack passwords and a 9 digit all number password takes all of 4 seconds to crack on a
pentium 2
celeron 500Mhz.
For that matter a password of less than 7 letters/numbers or a combination of both is just stupid. With the computers avaliable to the
average computer user a 6 character password is probably the most they could hope to crack on their own in a
reasonable period of time, under 2-4 months.
To make your
password insanely hard to crack use punctuation, numbers and letters in combination. Do not put numbers on the end of an english word, not a good idea. Most brute force or dictionary attacks will try sticking the numbers 1-99 on the end of words to catch things like
omega1 or
dogfeet2.
Of the best suggestions above is
hamster bong's. I was the one who introduced her to it and it is a
fairly safe system. The longer the password and more possible characters that could be used in it, the longer it takes to crack your password.
The relationship between the length of your password and time it takes to crack is an
exponential one. With numbers it's small like (number of digits in password)^10(possible digits 0-9), not to difficult for todays computers. Add the alphabet and punctuation and it gets huge, stick in and
extended ascii character and it gets even more difficult to crack.
Well I hope this helps.
This little utility will give you an idea of how long your password would take to crack.
Note: My celeron 500mhz does about 96,000 pw/sec.
http://www.soft4you.com/vitas/pswcalc.htm
Also Note: this password
calculator thing isn't entirely
accurate but you can get a
ball park figure from it.