Attackers can use techniques such as brute force and dictionary attacks to guess your password. Below is an overview of the estimated time it will take using service specific algorithms.
Online with rate limit:
This authentication is used in most online services where you need to authenticate with an account and password. Rate limiting ensures that you cannot keep guessing a password, for example locking you out after 5 invalid attempts for a couple of minutes.
Online without rate limit:
This authentication is used in less secure online services or when the attacker has circumvented the rate limiting. This means you can keep guessing a password, without a cooldown after an amount of invalid attempts.
Offline slow hash:
This authentication is used in an offline environment and in combination with multiple attackers, using a slow hash function without moderate work factor, such as bcrypt and scrypt.
Offline fast hash:
This authentication is used in an offline environment, where an incredibly high amount of cores and machines are used, using a fast hash function such as SHA-1 and SHA-256.
Get the app on Android
PassProtect is available for your mobile device as well, letting you generate safe and strong passwords for your account, Wi-Fi network and keys. Get the free or premium version, with additional functionality only available on mobile.