Be Safe From Hackers - CarseNoodle :: A Blog About Blogging And Earning Money Online.
Monday, 4 January 2016

Be Safe From Hackers

Weak passwords are a constant problem for people, websites and businesses trying to secure their data. There are thousands of hackers all over the world trying to break into systems at all hours of the day using password cracker software.

Since disconnecting systems from the internet is not an option for most organizations, it is important to enforce strong password policies in order to keep hackers out. The reason for that is if users are given the opportunity, they will pick weak passwords. Fortunately, all modern operating systems today allow system administrators to enforce strong password policies.

Most Common Passwords

Many people are prone to using short and simple passwords that are easily guessed. Some of those most common passwords include:

* Blank password
* The word "password"
* The user's username or login name
* Names of spouses, friends, or pets
* License plate numbers
* Swear words
*Words Related To Personal Daily Life

Hackers use password hacking programs that attack most of the above passwords as well as many other simple variations of the above. Hackers targeting a specific person such as a politician or celebrity can perform searches on the internet to get personal information. Even a myspace page that contains the name of a pet could allow a hacker to break into a user's account.

Self-Service Password Reset Vulnerability

Educated guesses are very effective when it comes to systems with self service password reset policies that ask personal questions. In 2008, Sarah Plain's yahoo mail account was hacked by someone researching Sarah Plain's personal life to answer the password reset questions.

Phishing Schemes and Key-loggers

The easiest way to get passwords is to have Trojan horses install programs on a user's PC to record keystrokes via a key-logger program. Another way (Phishing) is for a hacker to set up a website/webpage that looks exactly like the real website and trick users into giving away their username and password via a link given in email to the fake website. It's important for users to be suspicious of all email purporting themselves to come from their bank, school, social networking websites, etc.

Password Strength

The following character classes are used to define the strength of a password.

* Upper case letters (26 characters)
* Lower case letters (26 characters)
* Punctuation (approximately 33 characters)
* Numbers (10 characters)

The amount of time and computing effort required to break a password increases significantly if a random character is picked from each character class. In a recent phishing scheme for myspace passwords, only 8% of passwords had all four character classes.

Best Practices for Password Security

Only a few important steps are needed for users to protect their passwords and online security.

The first thing to do is to pick a strong password utilizing all characters classes to maximize the strength of a password. The password needs to be at least eight characters but more is better. Make it easy to memorize by using a mnemonic device. For example:

Mdslwys90! (My dad is always right = right angle 90!)

Secondly, make sure all antivirus software, phishing filter software, and anti-malware software is installed. There is free antivirus software out there that is quite good and comparable to paid commercial antivirus software.

Finally, be suspicious of all emails even if they appear to be authentic. Except for an occasional slip in English grammar, it's usually impossible to detect an email that is actually part of a phishing scheme. The graphics and logo in the email as well as the fake website are usually identical to the real website. The best practice is to always use the browser bookmark to go to the website instead of using a link in an email.

Be Safe From Hackers Reviewed by Unknown on 01:04:00 Rating: 5 Weak passwords are a constant problem for people, websites and businesses trying to secure their data. There are thousands of hackers al...

No comments: