Why A Strong Password Will Save You? - That Computer Engineer

Breaking

Learn | Teach | Explore

Tuesday, July 17, 2018

Why A Strong Password Will Save You?

Password plays an important role in authenticating a user for accessing the resources. A weak password makes your vulnerable while a complex one is easy to forget. Organizations provide a password guideline to be followed by their employees because humans are the weakest link in any network. 

Following these guidelines does not make you immune to all the attacks, but it makes you less vulnerable. Organizations have started using other authentication mechanisms in the form of biometrics, smart card, etc along with a password for security. 

password cracking protection safeguarding cyber securityWhat is password cracking?


Password cracking is the process of recovering passwords from transmitted or stored data. Passwords may be extracted using techniques designed to reveal credential. And the best part is that the walkthrough is available online.

One thing that can be used for password cracking is Social Engineering

What is wrong with your password?


We tend to choose a password which is easy to remember and can be made using an easy guess. Choosing a password that is too simple, the person risks losing his credentials. Some examples of a weak password are:
  • You are using the only number either in all uppercase or lowercase
  • You use only digits as passwords
  • You may use your name, date of birth, father name, etc as your password.
  • Your password is too short.
  • What’s the risk?
  • You lose your email control. Since your email (e.g. Gmail) is linked to many other of your accounts.
  • A lot of your private or confidential emails are stored on your email. Again of your password leaves you at the risk of leakage of that information.
  • Identity theft can be made easy once someone gets hold of your account. Scary. isn’t it?


What can you do?


  • Use a password with a combination of uppercase letter, lowercase letter, digits, special symbols, etc.
  • Don’t’ re-use your password. Never!
  • Don’t use the same password for different sites.
  • Don’t include your name, birthday, phone number or other identifiable information in your password.
  • Use two-factor authentication in the form of OTP, biometric, etc, just like it is used by some sites.
  • Make your password long. The longer the password, the lesser are the chances of cracking it.
  • Don’t write down your password for others to see.
  • Avoid saving your password in the browser.


Some password cracking technique


Brute force attack

An exhaustive search in which all the possible keys are tried until the correct one is found. It takes too much time and CPU resources.

Active Online Attack

Installation of password cracking software like Keyloggers, spyware, trojans, phishing, etc on the target system to extract information.

Dictionary Attack

Using a text file that contains a list of known words. These words are tried in arrangement to get the correct password.

Non-Technical Attack

Doesn’t require any technical knowledge. This includes theft, social engineering,  dumpster diving, shoulder surfing, etc.

Guessing

Sometimes, a normal guess is enough to log into a system.

No comments:

Post a Comment