There was a time when security experts confidently claimed that an 8-character password, with a mix of symbols and numbers, is adequately secure. However, that is no longer the case. By combining an accurate estimate of human psychology with the power of latest technology, any 8-character password can be cracked in no time.
There are a number of studies which support this conclusion. These studies, done at different times, aimed at discerning the password-selection habits of individuals. In the light of these studies, it would be apt to say that most humans are very predictable.
For instance, generally users tend to use such names or numbers which hold some kind of personal value. When a study evaluated 6 million actual passwords by users, it was learned that 98.1 percent of all the accounts could be accessed by using only 10,000 most common passwords.
This shows that although we may consider our 8-character password unique, more often than not it is being shared by a huge number of other users. The drawback is further compounded by the fact that most users tend to use the same password for multiple accounts.
An average user has a total of 26 online accounts and yet, one uses only 5 passwords on average to access them all. Once a hacker is able to gather sufficient social information about any given user, he can use that and combine it with a machine that has great computing powers to crack any 8-character passwords within hours. Therefore, 8-character passwords, even if they are a mix of names and numbers, are no longer secure.