What is a Password?
Password is combination of alphanumeric and special characters, kept as secret by individual or group. This combination of characters are used as key to safeguard software, system or any sensitive information from unauthorized access. Passwords are very critical in todays information world. They work like normal keys which we use to lock our house, office, car and other things we deal with in our day to day activities.
Weakness of Password
Passwords are very strong yet they have their own vulnerabilities. Below are the most common weaknesses of passwords.
Guessing: The most common way to get passwords is guessing. People especially non-technical users creates passwords with the combinations that can be guessed easily. If you can ask many people what they use as passwords, the common ones will be: date of birth, phone number, name of loved ones, vehicle plate numbers, nick names etc. This makes it very simple for an attacker who really knows the user to guess the keys.
Phishing: Phishing is an attack which is commonly done via email. Take for example you received an email claiming its from Facebook. The email reads like “Dear User we are having problem with our system, kindly click below link to change your password” many users wont even look at the link they will just click it! The few that will check it wont bother to confirm its authenticity. Once the link is clicked anything can happen. Virus, trojan or malware can be installed on your system. Once installed successfully, your system is no longer safe! It will copy what ever credentials (username, passwords, credit card information etc.) you type and send them to the attacker. If the attacker is not experienced enough, he can create a bogus site which will look like real Facebook site. When you enter the password boom! Your account has been compromised!
Bruteforce: This happens when an attacker try to use all possible combinations (numbers, alphabets and special characters). Attackers use what is called dictionary to get the combinations in a most extreme speed. All passwords are vulnerable to this attack. Though some passwords will be guessed easily, while some will take almost forever to crack. Though the success of such attack depends on the budget used.
Password is combination of alphanumeric and special characters, kept as secret by individual or group. This combination of characters are used as key to safeguard software, system or any sensitive information from unauthorized access. Passwords are very critical in todays information world. They work like normal keys which we use to lock our house, office, car and other things we deal with in our day to day activities.
Weakness of Password
Passwords are very strong yet they have their own vulnerabilities. Below are the most common weaknesses of passwords.
- Guessing
- Phishing
- Bruteforce
Guessing: The most common way to get passwords is guessing. People especially non-technical users creates passwords with the combinations that can be guessed easily. If you can ask many people what they use as passwords, the common ones will be: date of birth, phone number, name of loved ones, vehicle plate numbers, nick names etc. This makes it very simple for an attacker who really knows the user to guess the keys.
Phishing: Phishing is an attack which is commonly done via email. Take for example you received an email claiming its from Facebook. The email reads like “Dear User we are having problem with our system, kindly click below link to change your password” many users wont even look at the link they will just click it! The few that will check it wont bother to confirm its authenticity. Once the link is clicked anything can happen. Virus, trojan or malware can be installed on your system. Once installed successfully, your system is no longer safe! It will copy what ever credentials (username, passwords, credit card information etc.) you type and send them to the attacker. If the attacker is not experienced enough, he can create a bogus site which will look like real Facebook site. When you enter the password boom! Your account has been compromised!
Bruteforce: This happens when an attacker try to use all possible combinations (numbers, alphabets and special characters). Attackers use what is called dictionary to get the combinations in a most extreme speed. All passwords are vulnerable to this attack. Though some passwords will be guessed easily, while some will take almost forever to crack. Though the success of such attack depends on the budget used.
.........tobe continued
Join Us on
Facebook: ICTmagazine
Twitter: @ictmergazine
BBM Chanel: ICTmagazine
Comments
Post a Comment