The good advice has always been to have a long password.
Cloud computing has a silver lining for hackers or anyone with a decent limit credit card. The guys at somewhere (if you need to know I'd be happy to recommend them but I don't really think I'll share it here) have done some interesting work in the clouds
- started at the request of a client.
There was a need to decrypt some stuff and money was no object.
They used some off-the-shelf or net software, put their heads in the clouds and used a little imagination and an exploit to exceed the cloud provider's inbuilt process limits and proceeded to crack the encrypted data. It was well encrypted - or was it?
Their success prompted them to do a little experimentation and cost-benefit analysis of using the cloud to crack passwords. They are unique in that they were happy enough to share their findings.
The 8 letter password is definitely low budget and you'll have to go to at least 12 to make your password expensive enough to be beyond a single credit card funded op. If you use the full character set it'll only be worthwhile if it's Bill Gates' or Barack
Obama's logons at stake.The longer passwords are in the millions to even trillions bracket, but its a pity they're impossible to remember. Any sort of smarty password like amanaplanacanapanama will already be in the hackers dictionary attack and probably all
the 1l0v3r0ckandr0ll ones too.
If you use the full character set you'll need at least nine not just superimposed as letters before you'll push the crack into the million dollar budget.
It isn't really a question of money for a fraud gang if they can get at big pickings and they aren't really paying anyway so what do they care what it costs?.
Anyone you know who might be big pickings?