- Tuesday March 7th, 2017
- Posted by: TFK Hermann
- Category: News and Events
How to build and protect our passwords?
WHAT THE METHODS TO CRACK A PASSWORD?
a. Dictionary Attack
To crack a password, the most popular method is the dictionary attack. It means the hacker has got a computerised dictionary and he will try all the combinations to crack the password. This method is very strong due to the number of users who are using a common word or common passwords like “123456789” or “password”. The letters can be modified to crack this type of password: “P4ssw0rd”.
b. Brute-Force Attack
Brute-Force attacks are lengthy methods. The goal is to test every single combination possible on a password. It’s very effective against only-letters passwords. To represent this kind of attack, to brute-force crack a Windows computer protected by an 8-sized key it will take about 7 years maximum so we can imagine that he is doing this with a lot of computers, he will succeed in no time.
Spoofing is the very effective method. The only thing the hacker needs to get all your passwords is to be on the same network. When he succeeds to penetrate your network (with a Trojan horse for example) he takes the identity of his victim. And make believe to his victim that he is the router. So he can see all of the communications of his victim.
This method is very effective because it exists some software which can interpret those communications and get all of the passwords
II. WHAT ARE THE TIPS TO PROTECT OURSELVES?
To build a password we need to be careful of these following points:
- The password is strong enough
- It’s the first time you are using it
- The password is easily remembered
- Keep it secret
a. What is a strong password?
A strong password contains at least these elements;
- 10 Characters
- 1 capital letter
- 1 lower-case letter
- 1 figure
1 special character ,.;:/?!()\|
You can check the strength of your password on this site:
b. Build different passwords and remember them
To have an optimized security, must be different between one website and another. So you have to elaborate a strategy to remember every single password whatever the website.
I’m building my passwords with this following method;
- Choose a passphrase : My horse is grey , I live in the 59 and I’m 175 tall
- Build the password base with the first letters : Mh1gIl1t59aIm175t
- Looking on which website I am : gmail
- Add “gm” at the beginning of my base and “ai” at the end
So my password will be: “gmMh1gIl1t59aIm175tai” and I will remember all of my passwords.
To build a password and remember it, we can use a freeware named Keepass2. It’s software which contains an encrypted database for your passwords. So you only have to remember one.
c. How can I keep my password secret?
Secondly, it’s very important to look at the URL before typing your password. You have to be sure that the website is encrypting the communications.
- HTTP:// IS NOT SAFE
- HTTPS:// IS An SECURIZED CONNEXION
In the final part, it’s important to never connect to an unsecured network (like Wi-Fi without a key). Some Wi-Fi is reachable by a webpage where you need to write a password or a private key. It’s important to verify that it’s written HTTPS in green in the URL.
protect our passwords?
Article written by :
Office: +44 1865408566