Test your password strength

[RoadKingLarry]

Reckon how many folks are using that for a password these days?

[GigaBuist]

so, was there anyone here willing to admit they used their real password?

I did.  GRC is a reputable website.

[cosine]

Yeah, this.  Entering your passwords into a strange website when you don't know its bona fides is a bad idea. 

Thought of this; that's why I used an old password with characteristics of one of my current passwords. Just interested in getting a rough idea of how my passwords fare.

[vaskidmark]

so, was there anyone here willing to admit they used their real password?

....

Look, if they want access to my stash of haggis recipes all they really need to do is ask.  Being the cheapskate that I am any porn I might have (not that I actually have any) would be from free porn sites and you have all told me how crappy and boring that stuff is.

Getting access to my bank balance?  Hah!  What bank balance?  If the summer harvest jacks food prices up as much as they are warning, I'm gonna be on food stamps.

stay safe.

[Perd Hapley]

"i did your mom" in all lower case got

Online Attack Scenario:
(Assuming one thousand guesses per second) 2.00 trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 20.03 thousand centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 20.03 centuries

I tried "Jamis's mom" and it got it in about two minutes.

But we all know Jamis's mom is easy.

[Fly320s]

I tried "Jamis's mom" and it got it in about two minutes.

But we all know Jamis's mom is easy.

Zing!

[Rosalyn]

Using 'password' which is one of the most popular passwords takes almost 7 years. I'll call bull on that. I would say 'password' is probably the second password guess behind 'guest' or 'admin'.

[makattak]

Using 'password' which is one of the most popular passwords takes almost 7 years. I'll call bull on that. I would say 'password' is probably the second password guess behind 'guest' or 'admin'.

True, but if you would read under the password area, it says:

IMPORTANT!!!    What this calculator is NOT . . .

It is NOT a “Password Strength Meter.”

Since it could be easily confused for one, it is very important for you to understand what it is, and what it isn't:

The #1 most commonly used password is “123456”, and the 4th most common is “Password.” So any password attacker and cracker would try those two passwords immediately. Yet the Search Space Calculator above shows the time to search for those two passwords online (assuming a very fast online rate of 1,000 guesses per second) as 18.52 minutes and 17.33 centuries respectively! If “123456” is the first password that's guessed, that wouldn't take 18.52 minutes. And no password cracker would wait 17.33 centuries before checking to see whether “Password” is the magic phrase.

So, you are correct that it is not PURELY a measure of password strength... But they tell you that as well.

[MechAg94]

I find that using the name of something I own along with the caliber works well.  Usually include a period or other symbol and substitute letters or something also. 

[Monkeyleg]

I used one of my dozens of real passwords. If someone wants to track me for weeks to figure out where I might be using it, well...

According to the site, it would take 2.71 hundred thousand centuries to crack the password online.