How people can hack/find your passwords
Level 6 : Apprentice Hunter
Posted 05/05/12 8:57:48 am
Pay particular attention to the difference between using only lowercase characters and using all possible characters (uppercase, lowercase, and special characters o like @#$%^&*). Adding just one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.
Remember, these are just for an average computer, and these assume you areno t using any word in the dictionary. If Google put their computer to work on it theyo d finish about 1,000 times faster.
Now, I could go on for hours and hours more about all sorts of ways to compromise your security and generally make your life miserable o but 95% of those methods begin with compromising your weak password. So, why not just protect yourself from the start and sleep better at night?
Believe me, I understand the need to choose passwords that are memorable. But if youo re going to do that how about using something that no one is ever going to guess AND doesno t contain any common word or phrase in it.
Here are some password tips:
- Randomly substitute numbers for letters that look similar. The letter o oo becomes the number o 0o ², or even better an o @o or o *o . (i.e. o m0d3ltf0rdo ¦ like modelTford)
- Randomly throw in capital letters (i.e. o Mod3lTF0rd)
- Think of something you were attached to when you were younger, but DONo T CHOOSE A PERSONo S NAME! Every name plus every word in the dictionary will fail under a simple brute force attack.
- Maybe a place you loved, or a specific car, an attraction from a vacation, or a favorite restaurant?
- You really need to have different username / password combinations for everything. Remember, the technique is to break into anything you access just to figure out your standard password, then compromise everything else. This doesno t work if you dono t use the same password everywhere.
- Once youo ve thought of a password, try Microsofto s password strength tester to find out how secure it is.
Now I realize that every day we encounter people who over-exaggerate points in order to move us to action, but trust me this is not one of those times. There are 50 other ways you can be compromised and punished for using weak passwords that I haveno t even mentioned.
I also realize that most people just dono t care about all this until ito s too late and theyo ve learned a very hard lesson. But why dono t you do me, and yourself, a favor and take a little action to strengthen your passwords and let me know that all the time I spent on this article wasno t completely in vain.
Please, be safe. Ito s a jungle out there.
|Credit:||Article by John Pozadzides, posted by matty__994|
Join us to post comments.