I’m not the world’s biggest fan of Steve Gibson and his Security Now! podcast. Recently someone notified me of a neat website that Mr. Gibson created. The website which he calls Haystack is a ‘brute force search space calculator’.
So what IS the “Search Space Calculator” ?
This calculator is designed to help users understand how many passwords can be created from different combinations of character sets (lowercase only, mixed case, with or without digits and special characters, etc.) and password lengths. The calculator then puts the resulting large numbers (with lots of digits or large powers of ten) into a real world context of the time that would be required (assuming differing search speeds) to exhaustively search every password up through that length, assuming the use of the chosen alphabet.