Not even the passwords from the Parliament of Sweden are safe

In the book Swedish Hackers a Swedish hacker group claims to have access to 101 accounts from the Parliament of Sweden (email accounts at riksdagen.se). The information on this list seems to have been collected during several years from various hacks that hasn’t previously been known by the public.

Luckily the passwords seems to be encrypted, but that’s not actually any problem for a handy person since it’s possible to do brute force calculations of the passwords without running into problems with “too many login attempts” since if you have the password in a list like this no such checks are done. So if you think you’re protected by a limit on how many times you can try to login with invalid passwords, think again. Also if you trust 100% in a system or a site you should think again, since not even the passwords to email accounts at the Parliament of Sweden are safe.

To make it harder for anyone trying to do a brute force calculation of your password (i.e. trying to login with all letter and number combinations of a password) you should of course not only choose a long password, but also avoid words from dictionaries, have at least one capital letter, one number, one special character and most important not have them at the end or in the beginning of your password.

The graph below show you how little time is needed to crack different types of passwords using brute force. As you can see you need to add capital letters, numbers and special characters to make your password a little bit more secure.

Number of minutes until your password is cracked using brute force. Click on the graph to view bigger version.

If you want to see how easy it is to crack your password you can try our password calculator. It will show you how easily someone can use brute force to hack your accounts like email accounts and even your admin account in your WordPress blog.