May 30, 2010

How to keep your Passwords Secure against Phishing and Hacking

Weak passwords are a constant problem for websites and businesses trying to secure their data. There are thousands of hackers all over the world trying to break into systems at all hours of the day using password cracker software. It is very necessary to increase your security levels nowadays.
Since disconnecting systems from the internet is not an option for most organizations, or for individuals who use the internet as a source of learning or for implementing ideas, it is important to establish strong passwords to keep crackers from tracking or tracing users' accounts. The reason is that, if users are given the opportunity, they will pick weak passwords (not always). Fortunately, all modern operating systems and websites today allow system administrators to enforce strong password policies. Below I recommend some ways to secure your password so that it cannot be cracked by a regular person using free account-cracking software.


                                              
Most Common Passwords


Many people are in the habit of using short and simple passwords that are easily guessed or easily remembered. Some of the most common passwords include:


* Blank password
* The word "password"
* The user's username or login name
* Names of spouses, friends, or pets
* License plate numbers
* Swear words
* Telephone or mobile numbers


Crackers use password cracking programs that try most of the above passwords as well as many simple variations of them. Attackers targeting a specific person such as a politician or celebrity can search the internet for personal information. Even a MySpace or Facebook page that contains the name of a pet could allow a cracker to break into a user's account. It is that easy when you keep your password so simple. So let's move ahead.


Self-Service Password Reset Vulnerability


Educated guesses are very effective against systems with self-service password reset policies that ask personal questions. In 2008, Sarah Palin's Yahoo Mail account was hacked by someone who researched her personal life to answer the password reset questions. Gmail is also vulnerable to these password reset options. You may ask whether your account could be cracked in this way: no! It is always the job of a professional cracker who tries to target you specifically. Better to be strong enough; read on below to make yourself a strong password.




Phishing Schemes and Keyloggers


The easiest way to get passwords is to have Trojan horses install programs on a user's PC that record keystrokes via a keylogger program. Another way is for a cracker to set up a website that looks exactly like the real website and trick users into giving away their username and password via a link to the fake website sent by email. It's important for users to be suspicious of all email purporting to come from their bank, school, social networking websites, etc. Be careful of such spoof websites and don't give away your username and password to any of them.


You may ask how to judge whether a website is a spoof: it is better to follow a good website that provides lots of information and better knowledge, has been on the internet for a long time and keeps publishing new material.




Password Strength


The following character classes are used to define the strength of a password. Some websites allow you to use any type of character and some do not.


* Upper case letters (26 characters)
* Lower case letters (26 characters)
* Punctuation (approximately 33 characters)
* Numbers (10 characters)


The amount of time and computing effort required to break a password increases significantly if a random character is picked from each character class. In general, many crackers use a brute force method to attack accounts, which basically makes trials by throwing letters together into combinations. When all the password characters are in sequence, the password can be found within a short span of time.
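An added example, not from the original post: a small password audit that applies the character-class sizes listed above and the weak patterns from the common-passwords list, and estimates the brute-force search space in bits. The function names, the username and personal-word parameters, and the sample inputs other than the post's two mnemonic passwords are assumptions made for illustration.

```python
import math
import string

# Class sizes as listed in the post; punctuation plus space gives its "approximately 33".
CLASSES = {
    "upper": (set(string.ascii_uppercase), 26),
    "lower": (set(string.ascii_lowercase), 26),
    "punct": (set(string.punctuation + " "), 33),
    "digit": (set(string.digits), 10),
}

def is_sequence(pw):
    """True when each character steps by the same +1, -1 or 0 (abcdef, 654321, aaaa)."""
    steps = {ord(b) - ord(a) for a, b in zip(pw, pw[1:])}
    return len(pw) >= 3 and steps in ({1}, {-1}, {0})

def audit(password, username="", personal_words=()):
    """Return (findings, bits) for one candidate password.
    bits is an upper bound on brute-force effort: it assumes every character
    was picked at random from the classes the password actually uses."""
    if not password:
        return ["blank password"], 0.0
    findings, lowered = [], password.lower()
    if lowered == "password":
        findings.append("the word 'password'")
    if username and lowered == username.lower():
        findings.append("same as username")
    if any(w and w.lower() in lowered for w in personal_words):
        findings.append("contains a personal word")
    if password.isdigit():
        findings.append("digits only, like a phone number")
    if is_sequence(password):
        findings.append("characters are in sequence")
    if len(password) < 8:
        findings.append("shorter than 8 characters")
    used = [n for n, (chars, _) in CLASSES.items() if set(password) & chars]
    missing = [n for n in CLASSES if n not in used]
    if missing:
        findings.append("unused classes: " + ", ".join(missing))
    alphabet = sum(CLASSES[n][1] for n in used)
    bits = len(password) * math.log2(alphabet) if alphabet else 0.0
    return findings, round(bits, 1)

if __name__ == "__main__":
    # The post's two mnemonic passwords plus constructed weak samples.
    for pw in ["ihtmsgf", "23ihtmsgf", "password", "123456"]:
        print(repr(pw), *audit(pw, username="alice", personal_words=["rex"]))
```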

Best Practices for Password Security


Only a few important steps are needed for users to protect their passwords and online security.


The first thing to do is to pick a strong password that uses all character classes to maximize its strength. The password needs to be at least eight characters, but more is better. Make it easy to memorize by using a mnemonic device. For example:


ihtmsgf (i have the most sexiest girl friend)


The above example can be taken into consideration for a secure password.
Adding your girlfriend's birthday to it can make it more secure, like this:

23ihtmsgf (23 is the date)


A few numbers, lowercase letters and uppercase letters would make the strongest password. Let it be 8 characters or above.
 

Secondly, make sure antivirus software, phishing filter software, and anti-malware software are all installed. There is free antivirus software out there that is quite good and comparable to paid commercial antivirus software. And never share passwords with anyone online.

You may ask: what is the benefit of keeping a password of this kind?
An attacker will learn your information and try to crack your password with the best known combinations. They can use software to generate password combinations and crack it. It is easy when your password is a name or a number; a small one can be worked out within hours by anyone. But when you keep a secure one like the above, it can take much longer to crack, and more often many attempts to crack it fail.


Finally, be suspicious of all emails even if they appear to be authentic. Except for an occasional slip in English grammar, it's usually impossible to detect an email that is actually part of a phishing scheme. The graphics and logo in the email as well as the fake website are usually identical to the real website. The best practice is to always use the browser bookmark to go to the website instead of using a link in an email. It's better not to mess with lousy mails and spam mails. Most spam mails are useless ads; better to ignore them by deleting them, as reading them is a huge waste of time.


Follow us on Facebook and Twitter @demonstech. If you have any problems regarding your PC or any gadgets, write here @DEMON'STECH;
it's our pleasure to reply.
