Interesting Facts - Passwords

Hey guys, I have been considering starting a new series of posts containing facts on random subjects. So I'm giving it a shot, here are some interesting facts about passwords!

Ok lets get this list rolling.

• The minimum password length that experts recommend in order to avoid brute force cracking is now 13 characters

• On average users change passwords every 2.5 - 3 years (I believe this is due to the fact that users are only promoted to change their passwords once it's too late)

That last one is surprising, it seems pretty dangerous to keep the same password for such extended periods of time especially if it's not as strong as it should be. Anyway, carrying on.

• It is recommended that passphrases are used as passwords, this is typically because of the fact that passphrases are 20 - 30 characters in length, making them extremely difficult to crack

• 2/3 of all internet users use 1 or 2 passwords for every single online account

• An eight-character password containing
  a combination of upper and lower-case characters has a total of 53 trillion billion combinations

Two Factor Authentication doesn't have much to do with passwords but is certainly a good way to add an extra layer of protection. This is especially true if you have a habit of using weaker passwords.
This addition requires not only the password, but also a verification code that is either sent in the form of an SMS or an email.

These facts certainly bring to my attention the dangerous habits many users have In terms of internet security, let me know what you think about these facts. Did you know them already or is this your first time seeing them?

Thanks for reading,
-Minrr