How I Got Your Password – Part 1

In our last post we looked at the frighteningly short amount of time that it takes to crack a typical password.  Today we will look at all the different password cracking methods that a clever attacker can use to compromise your password, and how to defend against these attacks.

Password cracking

There are several types of automated password attacks that can be combined to make the process quicker, or to configure for a certain type of password attack.

  • Dictionary attack – This is ...
Continue Reading →
0

Most Passwords Can Be Easily Cracked

Did you know that the most popular passwords can be cracked in minutes?   And that passwords with 8 characters or fewer can be cracked in a few seconds?  This is why I say that passwords by themselves are no longer a useful form of security.  Today is the second of a five part series on password security, and focuses on the methodology used by password cracking software programs.

Cyber-criminal groups who specialize in password cracking generally harvest huge lists of user ...

Continue Reading →
0

Why Passwords Are A Soft Target

I have said it before, and I will repeat it now:  passwords by themselves are no longer a useful form of security.  The only option that makes passwords secure is two-factor authentication.  Today we embark on a two week investigation into passwords, why they are so easy to break, how your password might be compromised, and how to create a password system that is less vulnerable to exploitation.

Why are passwords so easy to crack?  Some of the answers we have ...

Continue Reading →
0

Is The End Near For Re-Used Passwords

What do you think about a plan that would actually make it impossible for you to use the same password on two or more sites?  Basically, when you set up a new web account, you would be forced to use a password that was truly different from other passwords you use elsewhere?

I am certain that if you are reading this blog, that you ...

Continue Reading →
0

Hacking Your Browser for Further Exploits

In our last post, we discovered the trove of personal information that our web browser saves automatically, in the form of cookies, temporary Internet files, code snippets, and stored passwords.  Today we learn how an attacker could use this information in further exploits against you.

Using the information stored in your browser, an attacker can build a detailed dossier ...

Continue Reading →
0

Password Spraying is a New Type of Brute Force Attack

Password spraying is a new password exploit that is being used effectively against larger networks.  It’s become enough of a problem to merit an alert from US-CERT entitled TA18-086A: Brute Force Attacks Conducted by Cyber ActorsHere’s how it works.

Typically, in a traditional brute-force password attack, the password cracking software runs a long list of every possible password against a system.  In ...

Continue Reading →
0

Why Would Someone Hijack My Website?

If you own a small business, you have a website.  Would you be surprised to learn that your site is a top target of cyber-criminals?  Most people believe their business is too small and insignificant to be interesting to attackers, but your website is valuable to them precisely because it is small.

What makes a small business website an attractive target?   It is ...

Continue Reading →
0

Income Taxes – File Early to Beat the Hacker

The early bird gets the worm.  The second mouse gets the cheese.  The late tax filer gets nothing.  Why?  April is tax fraud time.  The best way to avoid losing your tax refund to a scammer is to file as early as possible, before the tax fraudster can get it done.  Having said that, this information would be more valuable in January than in April.  From US-CERT.

Tax Guidance ...

Continue Reading →
0
Page 2 of 13 12345...»