Advances in technology render 8-character passwords weak

More powerful computers for calculating and hacking. According to a report from Hive Systems published at the end of April, simple graphics cards like those from market leader Nvidia are now capable of cracking “complex” passwords.

A combination considered secure with 8 characters including uppercase letters, lowercase letters, numbers and symbols, could be cracked in 1 hour by an RTX 4090 graphics card found on the market for 1,800 euros. Concretely, it is the MD5 hash function, an algorithm that is still regularly found for securely storing passwords which could be decrypted by the Nvidia product. The more chips the hacker's computer contains, the easier it will be to calculate the probabilities.

“ Graphics cards were designed to load images faster on your computer. It turns out they're also great at calculating hashes. Popular applications like hashcat can break these hashes, with varying results depending on the hardware used “, we can read in the report.

Add words to your passwords

Many services still use MD5 algorithms to hack secret codes even though they have become more fragile over time. Leaks in the past have revealed that some companies even store passwords in plain text.

Hive Systems also note that hackers use “ dictionary attacks » to find passwords more quickly. They rely on “ words and combinations that we already found in previous leaks to try to reproduce passwords, because humans are quite predictable “.

The standard recommendation would now be to have a strong password of at least 16 characters. A multi-word passphrase combined with signs seems to be the best solution. You can list your favorite destinations and foods, for example: “N0rvège!P1zza?Vi3t-N4m%Burg3r; “. And if you find these combinations too long, you can always store them in password managers.