To be honest, passwords are annoying, forgetful, and restrictive. We are guilty of our passwords being taken for granted. It would be safe to speculate that a large majority of computer users now, didn’t bother with passwords until they got their first web based email account. The love and hate of a good password, a forgotten password, and computers/accounts that do not have passwords at all, merit a second look specially considering today’s news of account hackings, identity theft, scams and viruses. A Good Password is:
- At least 10 characters long
- Composed of numbers, letters of different cases, and special character symbols
- Unique, use a different password for each of your online accounts. Never use the same password for another online login
Numerous online security websites and advocates encourage good password practices.
Microsoft is one of the many companies that help advice users with the security of their passwords against human and automated guessing attackers. Check your password's rating of security from the Microsoft Safety and Security Center
In this article, the section for describing a “good password” is considerably shorter than the following text. The next part of this article will emphasize and tell stories of how bad passwords are truly risky.
Recent news reports of website hacking and password “robbery” performed by anonymous hacking groups tell stories of how a single hacked password can put the work and personal emails of an individual in danger of identity theft and public disclosure.
=================================== ”LulzSec” hacking group tried to blackmail CEO of data security firm http://www.neowin.net/news/report-lu...-security-firm
This recent article explains how an anonymous hacking group by the alias of “LulzSec” infiltrated and managed to hack the security of an online security company! While the news is indeed ironic, the severity of its effects are felt by the company and targeted victim. Per the news article, LulzSec was able to hack only the website login details. However, upon checking the hacked website logins against popular online services like email, facebook, and twitter, an alarming number of reports show that users have used the same password on majority of their internet accounts. If only the hacked passwords were unique from the user’s personal accounts, they would have kept the danger of identity theft and disclosure at a minimum.
=================================== BruteForce Password Cracking
Guessing passwords is one of the oldest, yet one of the most effective techniques to gain access to a system. The reason that it is one of the most effective hacking techniques is because there’s a weak link in the whole process: humans. This is because humans like “samantha1” better for a password than “Tr15%^<<lOPi>!+”. Although the latter would be far more difficult to hack than the first password, there’s a good chance that no user would ever get the latter password memorized.
Through methods of bruteforce password cracking, short and simple passwords can be broken in a matter of hours. A “bruteforce” program attempts to manually input all possible password combinations. While this may take time, the password is almost sure to be discovered after months or even years of bruteforce guesses.
=================================== Ophcrack – a public tool for revealing simple Windows XP, Vista, and Windows 7 passwords http://www.syschat.com/how-recover-l...rack-6677.html
While indeed a sensitive free and open source software, Ophcrack is a popular tool used by qualified System Administrators and Technical Support Representatives. The basic Ophcrack CD can decipher Windows passwords that are less then 14 characters and composed only of numbers and letters. Adding special characters and symbols to a Windows password immediately defeats the basic Ophcrack CD. Change, DO NOT reuse old passwords
Majority of us might be guilty for having at least once shared our email or facebook password to a trusted friend/colleague. However, on the point of online security, the follow-up questions are:
- Did you remember to change to a new password?
- Are your other online accounts using the same old password?
- As time progresses and you create more online accounts, have you taken care NOT to reuse the old password?
There is a lot to say and suggest in terms of online security and the practice of keeping good passwords. Again, a very simple reminder is to keep your passwords:
- Unique only to you and easy to remember
- As long as possible (at least 10 characters long) with a mix of numbers, letters in upper and lowercase, and special characters.
- Never reused or repeated. Where you have changed a password before, never use it again.