⏱️ How Long Does It Take to Crack a Password in 2026?
Password cracking time is how long it takes an attacker to guess a password by systematically trying every possible combination (a brute-force attack) or by testing lists of known and leaked passwords. In 2026 that time ranges from instant for short, simple passwords to trillions of years for long, randomly generated ones. This guide shows exactly where your password falls and how to move it into the "not in your lifetime" column.
The numbers below answer three questions people ask most: what determines cracking time, why it matters even if you think no one is targeting you, and how to build a password that is mathematically infeasible to crack. Every figure is tied to a stated assumption or a named source so you can verify it.
Password Cracking Time by Length and Character Type (2026)
The table below shows the worst-case time to brute-force a password that has been stolen from a website and stored with a fast, weak hash (such as unsalted MD5 or SHA-1, which are still found in real breaches). It assumes a modern cracking rig running roughly 100 billion guesses per second — achievable today with a handful of consumer GPUs. Times are rounded to the nearest meaningful unit.
| Length | Numbers only (0-9) |
Lowercase (a-z) |
Upper + lower + digits (a-z A-Z 0-9) |
All ASCII + symbols (95 characters) |
|---|---|---|---|---|
| 8 | Instantly | 2 seconds | 36 minutes | 18 hours |
| 10 | Instantly | 23 minutes | 3 months | 19 years |
| 12 | 10 seconds | 11 days | 1,000 years | 170,000 years |
| 16 | 1 day | 14,000 years | 15 billion years | 14 trillion years |
| 20 | 32 years | 6 billion years | 220 quadrillion years | 1+ sextillion years |
Two patterns jump out. First, each extra character multiplies the cracking time — adding one symbol-set character to a 12-character password can turn a thousand years into hundreds of thousands. Second, a long simple password beats a short complex one: a 16-character lowercase password (14,000 years) is far tougher than an 8-character password crammed with symbols (18 hours). That is exactly why modern guidance prioritises length.
Why the Hashing Algorithm Changes Everything
The table above assumes the worst case: a website that stored your password with a fast hash. But cracking time depends just as much on how the site protected your password as on the password itself. When a company is breached, attackers rarely get plaintext passwords — they get a database of hashes and try to reverse them offline. How fast they can do that depends entirely on the algorithm:
- MD5 / SHA-1 (broken, still in use): tens to hundreds of billions of guesses per second on a single GPU. This is the scenario in the table above.
- SHA-256 (better, but designed to be fast): still billions of guesses per second — not built for password storage.
- bcrypt, scrypt, Argon2 (purpose-built): deliberately slow, throttling a powerful rig to a few thousand guesses per second — billions of times slower than MD5.
That difference is enormous. Against bcrypt, the well-regarded Hive Systems 2025 Password Table (built by running twelve NVIDIA RTX 5090 GPUs against bcrypt hashes) found that an 8-character all-lowercase password takes roughly three weeks to crack, while an 8-character password using upper- and lower-case letters, numbers, and symbols would take about 164 years. The very same 8-character password stored as unsalted MD5 would fall in well under a minute. You never get to choose which algorithm a website uses — which is the whole reason length and uniqueness are your only reliable defences.
The Math Behind It: Password Entropy
Every cracking-time estimate comes from one idea: entropy, measured in bits. Entropy is the number of guesses an attacker would need, expressed as a power of two. The formula for a randomly generated password is:
bits of entropy = length × log₂(size of character set)
Each additional bit doubles the number of possible passwords, so every bit doubles the cracking time. Some reference points:
| Password | Character set | Approx. entropy | Verdict |
|---|---|---|---|
| 8 chars, lowercase | 26 | ~38 bits | Weak |
| 12 chars, all types | 95 | ~79 bits | Strong |
| 16 chars, all types | 95 | ~105 bits | Very strong |
| 4-word random passphrase | — | ~52 bits | Fair |
| 6-word random passphrase | — | ~78 bits | Strong |
Security researchers generally treat anything above ~75 bits of entropy as safe against brute force for the foreseeable future. The catch is the word random: entropy math only holds if a machine picked the characters. "P@ssw0rd123!" looks complex but has almost no real entropy, because attackers try predictable substitutions first. That is why a random password generator beats anything a human invents.
Most Passwords Are Never Brute-Forced — They Are Stolen
Here is the uncomfortable truth the cracking table does not show: the majority of accounts are never brute-forced at all. According to the 2025 Verizon Data Breach Investigations Report, stolen credentials were the initial access point in 22% of all breaches, and Microsoft reports blocking more than 7,000 password attacks every second. Attackers do not need to crack a 14-trillion-year password if you reused it on a site that already leaked it.
That is why the two habits that actually protect you are length and uniqueness. A password that is long enough to survive brute force but reused across ten sites is only as safe as the weakest of those ten sites. Check whether your own logins have already appeared in a breach using a service like Have I Been Pwned, and never reuse a password that shows up.
🔐 The realistic way to have uncrackable passwords everywhere
No one memorises a different 16-character random string for 100 accounts. A password manager generates and stores maximum-entropy passwords for you, so every login gets a unique one that would take billions of years to crack. NordPass uses XChaCha20 encryption and a zero-knowledge architecture, and its generator produces passwords well past the 79-bit "strong" threshold in one click.
Get NordPass →Affiliate link — we may earn a commission at no extra cost to you.
How to Build a Password That Takes Billions of Years to Crack
Putting the math into practice, here is exactly how to land in the safe column of the table:
- Make it at least 16 characters. Length is the highest-leverage lever you have. Sixteen random characters push you past 100 bits of entropy regardless of hashing.
- Let a machine choose the characters. Use a password generator so the result is genuinely random, not a human pattern an attacker will guess first.
- Use a unique password on every account. This neutralises credential stuffing — the attack that actually drains accounts.
- Prefer a passphrase if you must memorise one. Five or six random words (for example, a master password for your manager) reach strong entropy while staying typeable. See password vs passphrase for the trade-offs.
- Turn on MFA or passkeys. Even a cracked or stolen password is far less useful when a second factor blocks the login.
- Store everything in a password manager. It is the only sustainable way to keep dozens of long, unique passwords without reuse.
Frequently Asked Questions
Can a quantum computer crack my password instantly?
Not in 2026. Quantum computers threaten certain public-key encryption schemes, but brute-forcing a password hash is a different problem. Grover's algorithm could theoretically halve the effective bits of entropy — meaning a 128-bit password would behave like a 64-bit one — but practical quantum hardware capable of this does not exist yet. A 16-character random password remains safe.
Is a 12-character password still enough?
For a site using modern hashing (bcrypt or Argon2), a 12-character random password with mixed characters is strong. But because you cannot control how a website stores it, 16 characters gives you a comfortable safety margin against fast-hash breaches.
Does adding symbols really help?
Symbols expand the character set from 62 to 95, which helps — but far less than adding length. Going from 12 to 16 characters multiplies cracking time far more than sprinkling in punctuation. Use both, but never trade length for symbols.
Sources and Methodology
Cracking times in the main table are calculated from first principles: total combinations (character-set size raised to the password length) divided by an assumed rate of 100 billion guesses per second, representing an offline attack on a fast, weak hash. Figures attributed to specific organisations are cited inline:
- Hive Systems — Password Table, 2025 (bcrypt, twelve NVIDIA RTX 5090 GPUs)
- Verizon — Data Breach Investigations Report (DBIR), 2025
- Microsoft — Digital Defense Report, 2025
- NIST — Special Publication 800-63B (Digital Identity Guidelines)
Note on methodology: Real-world cracking times vary enormously with the hashing algorithm a service uses. The main table reflects a worst-case fast-hash scenario; a password stored with bcrypt or Argon2 would take billions of times longer to crack than the values shown.