Common password cracking techniques and how to safeguard against them

If you think your passwords are secure just because they’re personal to you and you haven’t written them down anywhere, think again. Many people don’t realise that cracking passwords is nowhere near as hard as they think. In fact, there are scores of cyber criminals and legitimate internet security experts out there who can make short work of most passwords.

There are a number of common techniques that are used to crack most passwords, and we, naively, make our accounts vulnerable by making it easy for the hackers. Here’s how it works.

Guessing

According to an annual review of the worst passwords, the list of far-too-simple passwords includes password, 123456 (and similar variations), qwerty, abc123, access, letmein, trustno1 and similarly obvious choices. If your password is among these, you should change it without delay.

When choosing a password – and the same goes for ‘password forgotten’ security questions – don’t ever use private information such as your name, birthday, children’s or pet’s names or birthdays, nor your favourite song, sport, colour or anything else that is personal to you.

All of these can be deduced with a little research into your private life, which may well be accessible for all to see on Facebook! You have been warned.

Dictionary Attacks

When selecting a good password, avoid the following: consecutive keyboard combinations (qwerty, asdf), words that can be found in the dictionary, including words spelled backwards, slang words and common misspellings.

All of these, including any numbers you place before or after them, can be cracked easily using specially designed software programmes such as John the Ripper. The software automatically plugs common words into password fields.

Brute Force

Brute Force password attacks are always successful, eventually. There is nothing particularly clever about these attacks; the software simply and systematically tries every combination until it finds the right one.

The longer the password to crack, the more time it will take to discover the correct combination of characters. The complexity of the search is also increased by the use of upper and lower case letters, other keyboard symbols and the creativity of the password setter. The best passwords will take years to crack, but Brute Force software is getting quicker all the time…
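As an added illustration (not part of the original article), the Python sketch below checks a candidate password against the weaknesses described in the Guessing, Dictionary Attacks and Brute Force sections. The word lists are constructed samples, and the function names and the 60-bit threshold are assumptions chosen for this example.

```python
import math
import re
import string

# Constructed sample lists: the worst-password examples quoted on this page
# plus a few dictionary words. A real check would load a full wordlist.
COMMON = {"password", "123456", "qwerty", "abc123", "access", "letmein", "trustno1"}
WORDS = {"dragon", "monkey", "sunshine", "football", "welcome"}
KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]


def keyboard_run(core, min_len=4):
    """True if core is a run of adjacent keys, in either direction."""
    if len(core) < min_len:
        return False
    return any(core in row or core[::-1] in row for row in KEYBOARD_ROWS)


def search_space_bits(password):
    """Keyspace in bits: length * log2(pool size), assuming random characters."""
    pool = 0
    pool += 26 if re.search(r"[a-z]", password) else 0
    pool += 26 if re.search(r"[A-Z]", password) else 0
    pool += 10 if re.search(r"\d", password) else 0
    pool += len(string.punctuation) if re.search(r"[^A-Za-z0-9]", password) else 0
    return len(password) * math.log2(pool) if pool else 0.0


def weaknesses(password):
    """Return the reasons this password falls to the attacks described above."""
    reasons = []
    lowered = password.lower()
    # Numbers placed before or after a word do not help, so strip them first.
    core = re.sub(r"^\d+|\d+$", "", lowered)
    if lowered in COMMON or core in COMMON:
        reasons.append("common password")
    if core in WORDS:
        reasons.append("dictionary word")
    if core[::-1] in WORDS or core[::-1] in COMMON:
        reasons.append("reversed word")
    if keyboard_run(core) or keyboard_run(lowered):
        reasons.append("keyboard run")
    if search_space_bits(password) < 60:  # assumed threshold for this example
        reasons.append("small search space")
    return reasons
```

An empty list from `weaknesses()` only means none of these particular checks fired; a password reused across sites is still exposed by a breach of any one of them.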


Multiple Uses

According to the Center for Internet Security, somewhere between a third and half of users use the same password for multiple sites. If you’re using the same password for several services – email, banking, social media accounts etc. – you are laying yourself wide open to security breaches on several accounts, and also to wider identity theft. Avoid this at all cost.

Security breaches happen with alarming frequency these days. LinkedIn was breached in 2012, Tumblr in 2013 and MySpace in June 2016. Even Mark Zuckerberg had his Twitter and Pinterest accounts compromised. Just imagine the damage that can be inflicted by an unauthorised user in possession of your username, password, email address and other personal information, and take preventative action now.

Keeping your passwords safe

Once you’ve understood the importance of setting a strong password for each of your accounts, the next task is to make sure they’re kept in a safe place. Of course, the advice is to never keep a record of your password for security reasons, but this is becoming increasingly unfeasible in our digital world. How are you going to remember them all? In fact, chances are that if you can remember each of your passwords, they’re too easy to crack.

Most users keep lists or files with login information for all their online accounts. If this is your choice of password storage, the most secure place to keep such a list is on an external flash drive that you have with you at all times.

Another excellent solution is a password manager – software that will store all your passwords, generate secure new passwords and sync them across your devices. PC Magazine has a recent review of the best password managers currently on the market. It may feel risky entrusting all your most sensitive information to one service, typically a browser plug-in, but in this security-driven digital world, password managers are the safest option around. Another advantage of using a password manager is that the software can generate secure random passwords that are better than anything you can come up with yourself.

Finally, the best password in the world is rendered useless if someone watches you key it in. Keyloggers are computer programs that can log your keystrokes as you type them, transmitting the information to a would-be cyber criminal. Double check the security programs on your computer and be extra vigilant on public or shared computers.
