actually you'd be suprised
if it's an over-the-wire crack where you can only check five passwords every 10 minutes because you get locked out; the chances of 'test password' being chosen that close to the beginning of dictionary permutations are... well. it would probably take longer than you're alive for someone to guess it
unless someone specifically assumes that common passwords may be combined in pairs and seperated with a space, and that's more likely than single words, which would be an odd assumption. it'd exponentially increase cracking time, and what if they use testpassword instead? that's taking something that may take a hundred years to figure out and making it take a thousand.
that's why when a forum locks you out after a half a dozen failed login attempts, you shouldn't get upset about it. it's a good feature. it turns 'unlikely' into 'damn near impossible.
Bookmarks