Weak passwords. Your account could be taken down today 😱
😨 I have bad news for those who use weak passwords. A hacker can guess even the most basic passwords in the time it takes to watch a movie.
A recent study by Hive Systems, a cybersecurity firm in Virginia, revealed that with a powerful consumer graphics card like the RTX 5090, a hacker can crack 8-character numeric passwords in just 3 hours.
This analysis is shown in Hive Systems' 2025 password chart (thanks to HotHardware for the news). The chart illustrates how quickly a hacker with a "consumer budget" can crack passwords of varying lengths and character combinations.
Important: "Consumer budget" actually means sweet RTX 5090 cards working in parallel, not just one. But even with a single card, the results are alarming.
Why are 8-character passwords no longer secure?
Currently, a common minimum on most websites is to use passwords of at least 8 characters. But this minimum length is dangerous if you only use numbers or predictable combinations.
Complexity helps, as it can take hours to months or even years to decipher a longer and more complex password, but it is not a total guarantee of security.
With $30,000 worth of RTX 5090 graphics cards, a hacker can:
- Decrypt 8-character numeric passwords instantly.
- Solve random 8-letter lowercase passwords in just 3 weeks.
If you use common or well-known dictionary words, the risk is immediate: your password can be compromised instantly.
Do you reuse or simplify your passwords?
Si no usas un password manager, probablemente tus claves sean sencillas o repetidas. Nunca reutilices contraseñas en cuentas financieras o sensibles. Para los hackers, una inversión de $30,000 en hardware es poca cosa comparado con el daño que pueden causar.
Speed at which a hacker with a consumer budget can crack known or dictionary-based passwords.Hive Systems
The impact of artificial intelligence on password security
If you thought waiting years for a password to be cracked was a long time, artificial intelligence completely changes the game.
Hive Systems studied how long it could take AI to train ChatGPT using enterprise-grade hardware similar to that used in its training:
- ChatGPT-3 hardware can decrypt an 8-letter lowercase password in just 1 hour.
- With ChatGPT-4 hardware, that time drops to 43 minutes.
- The hardware that operates ChatGPT can do it in just 30 minutes.
A complex 8-character password (with numbers, uppercase letters, lowercase letters, and symbols) can be cracked by AI in 2 months. Does this worry you especially if you're protecting a cryptocurrency wallet?
Impact analysis following security breaches
If a hacker with 12 RTX 5090 GPUs focuses on passwords leaked in the 2022 LastPass breach, the damage is devastating. At that time, LastPass was only applying 5,000 hashing iterations to some accounts, a very low number compared to current recommendations.
This means that modern hardware does even less work to break those passwords.
Good news for your passwords
If you use long passwords (16 characters or more) with numbers, uppercase letters, lowercase letters, and symbols, you are much safer against attacks from even powerful RTX 5090 arrays or AI like ChatGPT.
With increasing computing power and the future arrival of quantum computing, security rules will change. That's why it's now vital to use long, random passwords.
Expert tip: use password managers to create and store secure keys. If you prefer not to store data in the cloud, opt for local managers on your device.
Additional security: Two-step verification and passkeys
Always activate the two-factor authentication (2FA) in your accounts. If your password is compromised, 2FA acts as an additional barrier against unauthorized access. A very secure method is a physical key (like a YubiKey), which protects against phishing attacks.
However, using apps that generate one-time passwords (OTPs) is still better than not having 2FA.
The best defense? Switch to passkeys To log in, since they cannot be forced and are not vulnerable to phishing. You just need to be careful not to lose the device where you store them (for example: your phone).
You can create multiple backups for your passkeys and maintain a strong, long password with 2FA on your key accounts, stored in a manager that you fully control.
🔒 Don't wait any longer! Protect your accounts with strong passwords, trusted account managers, and 2FA to avoid becoming a victim of hackers. Check out our online security articles for more tips. 🚀
