Answer:
Up to 99.99958% safer
Explanation:
Assuming the attacker knows the password restrictions (upper and lower case letters and digits only)
Lets calculate the password combinations for each possible length:
Total characters possible: [a-z]+[A-Z]+[0-9] = 62
(A) Passwords of length = 8 ->
(B) Passwords of length = 7 ->
(C) Passwords of length = 6 ->
(D) Passwords of length = 5 ->
If length is not known, but between 5 and 8:
(E) Passwords of length = [5-8] ->
Finally, to compare how much safer is to keep the password length hidden, we'll calculate the percentage of (A) to (D) passwords against (E)
The formulas are: