[pip08456]

With the right tools an 8 letter lower (or upper ) case password can be cracked in less than a day.
Using a string of Disney names as posted above would be even quicker.

---------- Post added at 10:40 ---------- Previous post was at 10:33 ----------

Quote:

Originally Posted by Kushan

Don't forget, it's case sensitive, so it's more like 48 letters + numbers. 58 vs 62 possible characters isn't quite a big difference.

Having said that, password length will always trump complexity. While I agree the default passwords on routers are possibly not terribly secure, they should be changed regardless.

If you change it to a password that's 15+ characters long, even purely lower case will be more secure than a "complex" 8 character password.

To give an example, if you have an 8 character password to which any of the 8 characters can be one of 100 possible values (26 lowercase + 26 uppercase + 10 numeric + a bunch of symbols, punctuation, spaces, etc.), you'd get 10,000,000,000,000,000 possibilities.

Whereas if you have a 15 character long password of just lower case letters, it's 1,677,259,342,285,725,925,376 possible combinations. Length really does trump complexity.

10,000,000,000,000,000
vs
1,677,259,342,285,725,925,376

Use a passphrase of uppercase and lowercase letters with some punctuation thrown in and nothing will ever brute force it, even with dictionary attacks.

Depends on how many gpu 's you have working on it and the time you want to spend.

Hashtopussy is a dangerous tool in the wrong hands.