Fascinating table shows exactly how long it takes a hacker to figure out your password based on characters used
Password123 just doesn't cut it in 2025
You might think that getting into your personal information is like breaking into Fort Knox, and while most of us forget our passwords as soon as we type them in, hackers seemingly have no problem reeling them off. Next time you forget your password, just employ a hacker.
Few things are more frustrating than forgetting your password and having to reset, only to be told that you can't use a password you've previously used. To quote Alanis Morissette, "Isn't it ironic?"
We've already covered a list of the most commonly leaked passwords, with the likes of 'password', '123456', and 'qwerty' unsurprisingly making the list. Most of us are pretty savvy and are forced into using a mix of numbers, letters, and special characters, but even these aren't locked up as tightly as you think from those snooping hackers. Now, cybersecurity firm Hive Systems has revealed how long it takes these bad actors to break into your virtual vaults.
Advert
The Hive Systems Password Table reveals the fascinating time it takes for hackers to crack your password. Four-digit password made of numbers will be broken instantly, but it's also concerning that a four-digit password made of uppercase letters, lowercase letters, numbers, and symbols will also be cracked in the blink of an eye. It'll likely take two weeks to uncover a six-digit password made of uppercase letters, lowercase letters, numbers, and symbols, and although that sounds pretty safe, it's a worry that this is the combo most of us likely use for our daily passwords.
At the other end of the spectrum, an 18-digit password comprised of numbers, symbols, upper and lowercase letters would take 463 quintillion years to reveal. Maybe we should start using this kind of password.
In 2020, Hive Systems shared the Password Table that was assembled by Microsoft MVP Mike Halsey. It has been reviewing data breaches from HaveIBeenPwned between 2007 and 2025,
Showcasing the 'worst case' and 'maximum time required' for each combo, the post explains: "Most hackers will prioritize which words and strings of characters they’ll work on first through the use of rainbow tables, dictionary attacks, and previously stolen hashes."
Hackers will focus on common and breached passwords rather than trying to crack new ones, while they’ll also try hashes of common and breached passwords before bothering to crack new ones.
The site notes that artificial intelligence could push password hacking forward by 'lightyears', with a revised version of the table showing how the 18-digit upper limit is reduced from 463 quintillion years to just a quintillion years. Thankfully, we'll all be dust by then.
The moral of the story is that we need to be smarter than ever when coming up with our passwords, and if you're warned of a breach, change yours before the hackers get inside.