Experts warn nearly half of the world’s passwords can easily be cracked in just a few minutes


Using real-world samples recovered from the dark web, Kaspersky researchers have tested how long it would take to crack most passwords, and found that almost half of the world’s passwords can be cracked in less than a minute.

Additionally, the research shows that within an hour, that number rises to three out of five passwords.

Armed with this knowledge, the researchers then explored what differentiates a strong password from a weak one.

Read more…
Source:  TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Hackers claim to have hit Under Armour in massive data breach

    November 18, 2025

    The notorious Everest ransomware group has claimed sportswear maker and retailer Under Armour as its latest victim – with the group posting what it claims is a sample of ‘more than millions of personal data’ and internal company data onto a dark web site. The dark leak site post claims the hackers have accessed and exfiltrated ...

  • Active Exploitation Reported for CVE-2025-11001 in 7-Zip

    November 18, 2025

    Active exploitation of CVE-2025-11001 has been observed in the wild. A security researcher has also publicly released a proof-of-concept (PoC) exploit for CVE-2025-11001. The PoC allows attackers to abuse symbolic-link handling to write files outside of the intended extraction folder, which in some scenarios, can enable arbitrary code execution. Read more… Source: NHS Digital Sign up for the Cyber ...

  • Microsoft says Azure was hit with a massive DDoS attack launched from over 500,000 IP addresses

    November 18, 2025

    Microsoft has said it successfully mitigated, “the largest DDoS attack ever observed in the cloud” after cybercriminals running the Aisuru botnet targeted a single endpoint, located in Australia. The attack was a sight to behold: more than 500,000 source IPs, across various regions, descended upon the endpoint, delivering a multi-vector Distributed Denial of Service (DDoS) attack ...

  • Google Releases Security Update for Chrome

    November 18, 2025

    Google has released security updates for Chrome to address two high severity vulnerabilities in the V8 JavaScript engine. CVE-2025-13223 – Type Confusion in V8 – High severity – Google is aware an exploit exists in the wild. CVE-2025-13224 – Type Confusion in V8 – High severity Read more… Source: NHS Digital Sign up for the Cyber Security Review Newsletter The latest ...

  • Digital Doppelgangers: Anatomy of Evolving Impersonation Campaigns Distributing Gh0st RAT

    November 14, 2025

    Palo Alto Unit 42 researchers have identified two interconnected malware campaigns active throughout 2025, using large-scale brand impersonation to deliver Gh0st remote access Trojan (RAT) variants to Chinese-speaking users. From the first campaign to the second, the adversary advanced from simple droppers to complex, multi-stage infection chains that misuse legitimate, signed software to bypass modern defenses. ...

  • Fortinet Releases Security Advisory for Relative Path Traversal Vulnerability Affecting FortiWeb Products

    November 14, 2025

    CISA is aware of exploitation of a newly disclosed vulnerability, CVE-2025-64446, in Fortinet FortiWeb, a web application firewall. This vulnerability affects the following FortiWeb versions:1 8.0.0 through 8.0.1 7.6.0 through 7.6.4 7.4.0 through 7.4.9 7.2.0 through 7.2.11 7.0.0 through 7.0.11 CVE-2025-64446 is a relative path traversal vulnerability CWE-23: Relative Path Traversal that may allow an unauthenticated ...