We perform two separate calculations to determine the time it would take to crack your password.  The first method assumes that the hacker has no knowledge of your password or password mask, and must attempt all possible solutions.  The second method assumes the hacker has knowledge of your password mask and can concentrate their efforts on all possible passwords within that mask.  

The purpose of the two test is to cover the case where you are using a web site and the web site publishes the minimum and maximum lengths and the mask (publishes the allowable characters such as all alpha-numeric).  It is necessary to publish these criteria but by doing so, it aides the would be hacker by giving them the information they need to adjust their applications to focus on the possible combinations and exclude any combinations that cannot exist.

For example, a six character alpha-numeric only password has 56,800,235,584 possible combinations while a six character password that includes the special characters in addition to alpha-numeric has  689,869,781,056 possible combinations - a difference of 633,069,545,472 combinations.  Since the hacker has knowledge that no special characters are used, they need only test the 56 billion possible solutions versus the 633 billion.  At 100 million test per second, they could crack your password in less than 10 minutes on average.  

Using the strength calculator, you can quickly determine just how strong or weak your passwords are.  Once you determine the strengths or weaknesses, you can adjust your mask to increase the strength.  You should examine both results when determining the strength.  If the more conservative method indicates that the password is weak, you may consider making slight modifications to the mask until you are comfortable with both results.

The password strength calculator also examines your password mask for weaknesses such as being too short, or not having any special characters in to.  The calculator  also includes a strength indicator ranging from "Very Weak" to "Very Strong".  The bar uses the conservative calculations to determine the strength shown.

This update is not a critical update and is not necessary to download.

This is a free update to PasswordAttendant.