The Georgia Institute of Technology is warning that GPUs are proving to be the undoing of the password.
In a report, GIT boffins (no, really) claim that passwords with fewer than 12 characters can be quickly brute-forced using a PC graphics processing unit (GPU) that costs just a few hundred dollars.
Richard Boyd, a senior research scientist at the university's research institute, said that using a commonly available graphics processor to test the integrity of typical passwords of the kind in use at Georgia Tech showed that a seven-character password is hopelessly inadequate.
A GPU currently offers potentially two teraflops of parallel processing power, and Nvidia's release of a C-based software development kit has put that power within reach of ordinary programmers.
He said that if you can write a C program, you can program a GPU and use it to crack a password.
To defend against GPU attacks, however, the password researchers recommend using sentence-length passwords that mix letters with numbers or symbols and are at least 12 characters long, he said.
Of course, a password that long will just be written on a post-it note and stuck onto the computer monitor.
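The gap between seven and 12 characters is keyspace arithmetic, shown here as an added example that is not part of the original article or the Georgia Tech report. The guess rate, the function names and the sample passwords are assumptions made for illustration.

```python
import string

# ASSUMPTION: offline guesses per second for one GPU against a fast,
# unsalted hash. Illustrative figure for this example, not from the report.
ASSUMED_GUESSES_PER_SECOND = 1e9

# Character classes an exhaustive search has to cover (95 printable ASCII).
CLASSES = {
    "lower": set(string.ascii_lowercase),
    "upper": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "symbol": set(string.punctuation + " "),
}

def alphabet_size(password):
    """Total size of every character class the password draws from."""
    chars = set(password)
    known = set().union(*CLASSES.values())
    if not chars or chars - known:
        raise ValueError("expected a non-empty printable-ASCII password")
    return sum(len(c) for c in CLASSES.values() if c & chars)

def keyspace(password):
    """Candidates a brute-force search tries for all lengths up to this one."""
    n = alphabet_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))

def worst_case_seconds(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Time to exhaust the keyspace; an upper bound for a random password."""
    return keyspace(password) / rate

def meets_recommendation(password):
    """The researchers' advice: 12+ characters, letters mixed with digits or symbols."""
    chars = set(password)
    letters = chars & (CLASSES["lower"] | CLASSES["upper"])
    others = chars & (CLASSES["digit"] | CLASSES["symbol"])
    return len(password) >= 12 and bool(letters) and bool(others)

if __name__ == "__main__":
    # Constructed sample passwords, not taken from the report.
    for pw in ("georgia", "Georgia7", "Wreck-of-92!"):
        secs = worst_case_seconds(pw)
        print(f"{pw!r:16} alphabet={alphabet_size(pw):3} "
              f"worst case={secs:.3g} s ({secs / 31_557_600:.3g} years) "
              f"meets advice={meets_recommendation(pw)}")
```

The result is a ceiling, not a prediction: passwords built from dictionary words or common patterns fall far sooner than exhaustive search implies, and storing passwords with a slow, salted hash lowers the attacker's guess rate.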
As I understand it, the concern/risk is about external hackers and not office colleagues 'seeing' your password, i.e. the risk does not really lie with colleagues possibly up to mischief.
As far as passwords, the whole concept is flawed. Asking a human being to remember anything is an exercise in futility. Just ask any wife about her husband.
When you tell people they can't remember things enough times, they may start to believe you. If your mentation is inferior, do not drag the rest of the species down with you.
at GT's Research Institute,
and a Ramblin' Wreck from Georgia Tech,
and a hell of an engineer --
[A helluva, helluva, helluva, helluva,
hell of an engineer!] --
Like all the jolly good fellows,
They drink the whisky clear__
and given half a chance once more,
They'll drink another, dear.
Ask a jolly good man of cheer
What is the Good PassWord, here__
It's always "To Hell with Georgia!"
is what you're like to hear.
And when some git is like to spit:
a "How 'bout them Dawgs?" this year?
It takes a Ramblin' Wreck from Georgia Tech, and a hell of an engineer --
[A helluva, helluva, helluva, helluva,
hell of an engineer!] --
to "Piss on 'em!" I swear!
Tedly
Georgia Tech
BS Aerospace Engineering '92