Even in today’s technology-reliant world, not everyone realises the common techniques used to crack passwords or other ways we can make our accounts vulnerable, from simple and widely used passwords. For your password safety, we’ve put together a list of top tips for creating a secure password!
Social Engineering: Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
What makes social engineering especially dangerous is that it relies on human error, rather than vulnerabilities in software and operating systems. Mistakes made by legitimate users are much less predictable, making them harder to identify and thwart than a malware-based intrusion.
Dictionary attacks: Avoid repeated keyboard combinations— such as qwerty, asdfg or 12345. Don’t use dictionary words, slang terms, or words spelt backwards. These cracks rely on software that automatically plugs common words into password fields. Password cracking becomes almost effortless with a tool like John the Ripper or similar programs.
Brute force attack: Like the dictionary attack, the brute force attack comes with a bonus for the hacker. Instead of only using words, a brute force attack lets them detect non-dictionary words by working through all possible alpha-numeric combinations from aaa1 to zzz10.
Spidering: Savvy hackers have realised that many corporate passwords are made up of words that are linked to the business itself. Studying corporate literature, website sales material and even the websites of competitors and listed customers can provide the ammunition to build a custom word list to use in a brute force attack.
Savvy hackers have automated the process and let a spidering application, like those employed by leading search engines to identify keywords, collect and collate the lists for them.
Cracking security questions: Many people use first names as passwords, usually the names of a loved one (or pets) all of which can be deduced with a little research. Clicking the “forgot password” link within a webmail service or other site, sometimes asks you to answer a question or two. More often than not, the answers can be found on your social media profile.
Simple passwords: Don’t use personal information such as your name, age, birth date, loved one’s name, pet’s name, or favourite anything, etc. When 32 million passwords were exposed in a breach last year, almost 1% of victims were using “123456.” The next most popular password was “12345.” Other common choices are “111111,” “princess,” “qwerty,” and “abc123.”
Reuse of passwords: Reusing passwords for email, banking, and social media accounts can lead to identity theft.
So, with all these tips and tricks, you should be fully equipped to create strong passwords of every one of your accounts!