That's how long it'd take a normal desktop computer without GPU acceleration or anything special. Then look how much computers have changed in the past decade. In 10 years it might only take a few days to crack it. Well when that happens you can just add another character to it.
Just curious, why focus on cracking the password, isn't it possible to bypass it all together? When you use a password it hashes what you type in and sees if that hash checks the password hash, if it does it allows you access. Can someone just bypass the password check all together? I'm not sure if that makes sense, if it doesn't let me know and I'll try to rephrase it.