A research by Joseph Bonneau, a researcher from Cambridge University, reveals that Indonesian people have the tendency to use weak or easy to break password. On the contrary, Germany and Korea are the countries which people use safe password.
The fact is acquired from the research on password used by around 70 millions Yahoo! user. This research is the biggest research on password that ever done. Bonneau got hashed password and owner data from official database. Bonneau then analyzed the password’s strength from this database.
Bonneau’s research was presented in the Security and Privacy Symposium in San Fransisco, California, last May 23. NewScientist which reported the event didn’t reveal any more fact about password in Indonesia, but mentioned other facts based on Bonneau’s research result. Among them is a person who change their password periodically, tends to have safer password.
This research also reveals that most passwords do not meet the recommendation from security expert. Counted by bits, average password strength is less than 10 bits or only 1024 guesses are needed to break the password. Meanwhile, security expert recommends using 6 digits password with number and letter random combination, creating a password with 32 bits security level.
To raise the password security, Bonneau suggests that user use 9 digits password. This password will have 30 bits security level. According to Bonneau, this password is still easy to remember because people are used to remember phone numbers. Read also this article (in Indonesian) so you can understand what you have to pay attention to when using numeric password.
[Image Source]