How passwords get cracked

On One Man’s Blog you can find out how alarmingly easy it is to crack passwords.

The first step in cracking a password is simply guessing the top ten passwords (see below), which are used by 20 percent of all users.

  1. Your partner, child, or pet’s name, possibly followed by a 0 or 1 (because they’re always making you use a number, aren’t they?)
  2. The last 4 digits of your social security number.
  3. 123 or 1234 or 123456.
  4. “password”
  5. Your city, or college, football team name.
  6. Date of birth – yours, your partner’s or your child’s.
  7. “god”
  8. “letmein”
  9. “money”
  10. “love”  

If this does not work, a brute-force attack is the next step, which, as you can see in the table below, can get the job done in as little as 0.02 seconds.

[Image: “Crack Password” table]
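An added example, not from One Man’s Blog or this post: a defender-side check that reports whether a candidate password is covered by the first-step guesses listed above, and computes the search space an exhaustive brute-force attack has to cover. The function names, the `personal_words`, `dates` and `ssn_last4` parameters, and the character-class sizes are assumptions made for illustration.

```python
import re
import string

# Literal passwords from items 3, 4 and 7-10 of the list above.
COMMON = {"123", "1234", "123456", "password", "god", "letmein", "money", "love"}

def _strip_separators(text):
    # Treat 01/02/1980, 01-02-1980 and 01021980 as the same date string.
    return re.sub(r"[\s/.\-]", "", text)

def guessable_reason(password, personal_words=(), dates=(), ssn_last4=None):
    """Return which first-step guess covers `password`, or None.

    personal_words, dates and ssn_last4 are hypothetical inputs: facts a
    guesser could know about the user (names, city, team, birthdays).
    """
    p = password.lower()
    if p in COMMON:
        return "common password"
    if ssn_last4 is not None and p == ssn_last4:
        return "last 4 digits of SSN"
    if any(_strip_separators(p) == _strip_separators(d) for d in dates):
        return "date of birth"
    # Items 1 and 5: a name, city or team, possibly followed by a 0 or 1.
    stem = p[:-1] if p[-1:] in ("0", "1") else p
    if any(w.lower() in (p, stem) for w in personal_words):
        return "personal word"
    return None

def keyspace(password):
    """Candidates an exhaustive search must try for this length, given
    only the character classes the password actually uses."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    alphabet = sum(len(c) for c in classes if any(ch in c for ch in password))
    return alphabet ** len(password)

def brute_force_seconds(password, guesses_per_second):
    # guesses_per_second is an assumption supplied by the caller; the
    # post does not state the rate behind its table.
    return keyspace(password) / guesses_per_second

if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ("Rex1", "letmein", "1234", "Mod3lTF0rd"):
        print(pw, guessable_reason(pw, personal_words=["Rex"]), keyspace(pw))
```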

This is eye-opening stuff, even for users who know better than to use “1234” as their password. The author goes on to provide seven great tips on choosing safer passwords, including using Microsoft’s password strength tester.

Here are some password tips suggested by the man from One Man’s Blog:

  • Randomly substitute numbers for letters that look similar. The letter ‘o’ becomes the number ‘0’, or even better an ‘@’ or ‘*’. (i.e. – m0d3ltf0rd… like modelTford)
  • Randomly throw in capital letters (i.e. – Mod3lTF0rd)
  • Think of something you were attached to when you were younger, but DON’T CHOOSE A PERSON’S NAME! Every name plus every word in the dictionary will fail under a simple brute force attack.
  • Maybe a place you loved, or a specific car, an attraction from a vacation, or a favorite restaurant?
  • You really need to have different username / password combinations for everything. Remember, the technique is to break into anything you access just to figure out your standard password, then compromise everything else. This doesn’t work if you don’t use the same password everywhere.
  • Since it can be difficult to remember a ton of passwords, I recommend using Roboform. It will store all of your passwords in an encrypted format and allow you to use just one master password to access all of them. It will also automatically fill in forms on Web pages, and you can even get versions that allow you to take your password list with you on your PDA, phone or a USB key. If you’d like to download it without having to navigate their web site here is the direct download link.
  • Once you’ve thought of a password, try Microsoft’s password strength tester to find out how secure it is.

Source: LifeHacker.com & One Man’s Blog


This entry was posted on Friday, January 30th, 2009 and is filed under Misc, Spy Tools.
