The other day in my computer security class a student asked me if he could test a program that he downloaded off the Internet. Per lab procedure we took a test PC and isolated it from the rest of the network. The program he had scans the PC for information on users that have previously logged on to that PC. The program then displays up to the last ten users and asks if you want to crack their passwords. After receiving my permission he launched the password cracker tool. It took it 4.5 seconds to crack my ten digit numeric password (I have since changed it). That is 10,000,000,000 (ten billion!) different combinations in under five seconds. Other user's passwords took minutes and some hours and it still didn't have anything after chugging all night.
In order to protect your computer systems and networks, make sure your users create strong passwords. Not only do these protect your data, but they may end up protecting the reputation of your company.
- More on Creating Strong Passwords