Friday, September 12, 2014

The pain of password complexity

Did you know that there is a method to the madness of password complexity required by most organizations?
Here is why you are required to create a password consisting of lowercase letters, uppercase letters, numbers, and special characters, usually with a minimum
length of eight characters (although 10 is preferable):
There are 26 lowercase letters, 26 uppercase letters, 10 digits, and 32 special characters (the printable ASCII punctuation marks). The characters a password is
allowed to draw from define its key space, and the size of that key space is calculated with the formula C^N, where C is the number of possible characters
and N is the password length. So, let's say that you use a password of only six characters, all lowercase. That gives 26^6 possibilities, which equates to
roughly 309 million. Lengthening the password to 10 characters raises this dramatically to 26^10, about 141 trillion possibilities. An important note here is
that although a 10-character all-lowercase password may look pretty darn secure, there are password cracking tools that can try 2.8 billion guesses per
second (the exact rate depends on the hash algorithm and the hardware; a fast, unsalted hash on a GPU falls far quicker than a deliberately slow hash such as
bcrypt). At that rate, exhausting every 10-character lowercase password takes only about 14 hours, and on average the right one turns up halfway through
the search, after about 7 hours.

Now, let's say that you use all four classes (lowercase, uppercase, digits, and special characters). You are then drawing from 94 possible values
(26+26+10+32); a password like this is known as a complex password. Using the same six- and 10-character lengths as examples: a complex password of just
six characters (94^6) gives about 690 billion possibilities, while a complex password of 10 characters (94^10) gives about 54 quintillion. To put those
names in order: million, billion, trillion, quadrillion, and then quintillion. At the 2.8 billion guesses per second quoted above, the six-character complex
password is exhausted in about four minutes, but searching the entire 10-character complex key space takes roughly 600 years. Note that length counts for more
than any single extra class: each added character multiplies the key space by C, whereas each added class only enlarges C.
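To make the arithmetic above concrete, here is a small calculator (an added example, not part of the original post or of the cited Security+ material). It
infers C from the character classes a password actually uses, computes C^N and the equivalent bits of entropy, and converts the key space into brute-force time
at the 2.8 billion guesses per second the post quotes. That rate, the 365.25-day year, and the sample passwords are assumptions made for the example.

```python
import math
import string

# Character classes and their sizes as the post counts them:
# 26 lowercase, 26 uppercase, 10 digits, 32 specials (string.punctuation).
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digits": string.digits,
    "special": string.punctuation,
}

# Guess rate the post quotes for a cracking tool. Assumption: treated here as a
# constant; real rates depend on the hash algorithm and the hardware.
GUESSES_PER_SECOND = 2.8e9
SECONDS_PER_YEAR = 365.25 * 24 * 60 * 60


def charset_size(password: str) -> int:
    """C for a password: the combined size of every class it draws from.

    An attacker who knows (or assumes) which classes are in use only has to
    search the union of those classes, so "P@ssw0rd" is scored against 94
    characters while "password" is scored against 26.
    """
    return sum(len(chars) for chars in CLASSES.values()
               if any(ch in chars for ch in password))


def key_space(charset: int, length: int) -> int:
    """Number of possible passwords, C^N, as an exact integer."""
    return charset ** length


def entropy_bits(charset: int, length: int) -> float:
    """The same quantity in bits: log2(C^N) = N * log2(C)."""
    return length * math.log2(charset)


def crack_seconds(charset: int, length: int,
                  rate: float = GUESSES_PER_SECOND, average: bool = False) -> float:
    """Seconds to brute-force the key space at `rate` guesses per second.

    With average=True, assume the correct password is found halfway through
    the search, which is the expected case for a uniformly random password.
    """
    guesses = key_space(charset, length)
    if average:
        guesses //= 2
    return guesses / rate


def human_duration(seconds: float) -> str:
    """Render a duration in the largest convenient unit."""
    for unit, size in (("years", SECONDS_PER_YEAR), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"


def report(password: str) -> dict:
    """Summarise brute-force resistance for one password."""
    c, n = charset_size(password), len(password)
    return {
        "charset": c,
        "length": n,
        "key_space": key_space(c, n),
        "bits": round(entropy_bits(c, n), 1),
        "exhaustive_search": human_duration(crack_seconds(c, n)),
        "average_case": human_duration(crack_seconds(c, n, average=True)),
    }


if __name__ == "__main__":
    # Constructed sample passwords matching the post's four cases:
    # 6 and 10 characters, lowercase only and then all four classes.
    for pw in ("abcdef", "abcdefghij", "aB3$ef", "aB3$efGh1!"):
        print(pw, report(pw))
```

Running it reproduces the post's figures: 26^10 exhausts in about 14.0 hours and 94^10 in roughly 610 years at the assumed rate. Keep in mind that the
calculation only measures resistance to exhaustive search of a uniformly random password; a dictionary word with a capital letter and a trailing "1!" scores
as a 94-character key space here but is among the first guesses a real cracking tool tries.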

Complex passwords can be a pain; however, perhaps this will help you understand the reason behind the madness. It really is to ensure that you are and stay
secure in a digital world.

References
Darril Gibson (2011). CompTIA Security+.