Hackers can crack almost half of passwords in less than a minute: Research

Doha, Qatar: In June 2024, Kaspersky experts conducted a large scale study on the resistance of 193M English passwords, compromised by infostealers an...

Doha, Qatar: In June 2024, Kaspersky experts conducted a large-scale study on the resistance of 193M English passwords, compromised by infostealers and available on the darknet, to brute force and smart guessing attacks.

According to the research results, 45% of all analyzed passwords (87M) could be guessed by scammers within a minute. Only 23% (44M) of combinations turned out to be resistant enough – cracking them would take more than a year. Besides, Kaspersky experts have revealed which character combinations were most commonly used in passwords.

Kaspersky telemetry indicated that more than 32 million attempts to attack users with password stealers in 2023. These numbers show the importance of digital hygiene and timely password policies.

The results of the Kaspersky study demonstrate that the majority of the reviewed passwords were not strong enough and could be easily compromisedby using smart guessing algorithms. Here is the breakdown of how fast it can happen:

-    45% (87M) in less than 1 minute. -    14% (27M) – from 1 min to 1 hour. -    8% (15M)–from 1 hour to 1 day. -    6% (12M)–from 1 day to 1 month. -    4% (8M) – from 1 month to 1 year.