“A team of researchers at Georgia Tech Research Institute is investigating whether passwords are now worthless, given the supercomputer-like performance now available to hackers using standard desktop graphics cards.

“Right now we can confidently say that a seven-character password is hopelessly inadequate – and as GPU power continues to go up every year, the threat will increase.”

“In today’s world passwords are simply not enough to protect sensitive information on their own. In fact, VeriSign research of UK online adults showed that 39% disagree that ‘user name plus password’ is a strong enough security measure.

“A password is only one layer of security, which criminals have proven they are able to bypass – either through brute force as the Georgia Tech researchers have demonstrated, or, often, simply by guessing.””

From ComputerWeekly.com