Knowing nothing about the password will render your bruteforce a waste of time and resources.
At least for now, try %1,10in, or a reasonable range of characters at that speed.
Then if there's no result, you can be certain that it's not a 1~10 alpha numeric characters.

But for it to be feasible, you should at least provide any possible characters/words to minimize the search for random alpha-numeric characters.