Click here to load reader
Upload
aaberra
View
220
Download
0
Embed Size (px)
Citation preview
Passwords Overview Why need passwords Weak passwords Strong passwords Commonly used passwords
Why We Need Passwords?
Password is a secret word or code used to serve as a security measure against unauthorized access to data
Why we need? To protect your valuable or personal information on your
computer To protect your email read by some one else To protect your network To protect your Website To protect your online banking
Weak Passwords A password that is easy to detect both by humans and by
computer is a weak password Short password can be quickly hacked Whole dictionary or half dictionary words are easily hacked by
dictionary attack Reusing old passwords increase the likelihood that your account
might be hacked Because if someone had one of your old passwords and you've
cycled back to using that password then your account may become compromised
Weak Passwords
Dictionary Attack
A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password
A dictionary attack can also be used in an attempt to find the key necessary to decrypt an encrypted message or document
Dictionary attacks try which are derived from a dictionary such as many users use ordinary words as passwords and such words are easily guessable and hack
Like, iloveyou,12345,54321,ilovemom,ILOVEYOU...
Dictionary Attack
Brute Force Attack Brute force is a trial and error method used by application programs
to decode encrypted data such as passwords or Data Encryption Standard (DES) keys
Just as a criminal might break into, or "crack" a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence
Like hello, HELLO, Eello, keLLO, FELlo,…
List of Weak Passwords1. Your partner, child, or pet's name, possibly followed by a 0 or 1
2. The last 4 digits of your social security number.
3. 123 or 1234 or 123456.
4. password
5. Your city, or college, football team name.
6. Date of birth – yours, your partner's or your child's.
7. money
8. love
Why create a strong Password? Passwords provide the first line of defense against unauthorized
access to your computer The stronger your password, the more protected your computer
will be from hackers and malicious software You should make sure you have strong passwords for all accounts
on your computer If you're using a corporate network, your network administrator
might require you to use a strong password
A strong Password Is at least eight characters long Does not contain your user name, real name, or company name Does not contain a complete word Is significantly different from previous password
A strong Password…
Contains each of the following characters: Uppercase letters like, A, B,C Lowercase letters like, a,b,c Numbers like, 1,2,3,4,5,6,7,8,9 Symbols found on the keyboard ` ~ ! @ # $ % ^ & * ( ) _ - + = { } [ ] \ | : ; " ' < > , . ? /
Choosing A strong Password
Some Tips A password might meet all the criteria above and
still be a weak password For example, Hello2U! It meets all the criteria for a strong password listed
above, but is still weak because it contains a complete word
H3ll0 2 U! is a stronger alternative because it replaces some of the letters in the complete word with numbers and also includes spaces
Tips to remember strong Password Create an acronym from an easy-to-remember piece of
information Pick a phrase that is meaningful to you, such as My son's birthday
is 12 December, 2004 Using that phrase as your guide, you might use Msbi12/Dec,4 for
your password. Substitute numbers, symbols, and misspellings for letters or
words in an easy-to-remember phrase For example, My son's birthday is 12 December, 2004 could
become Mi$un's Brthd8iz 12124
Tips to remember…
Relate your password to a favorite hobby or sport For example, I love to play badminton could become
ILuv2PlayB@dm1nt()n Also, If you feel you must write down your password in order to
remember it Make sure you don't label it as your password, and keep it in a
safe place
Tips to remember…
Questions?
Thank You
References
http://searchsecurity.techtarget.com/definition/dictionary-attack http://
netsecurity.about.com/od/advancedsecurity/fl/What-Makes-a-Password-Weak-or-Strong.htm
http://lifehacker.com/5505400/how-id-hack-your-weak-passwords http://
windows.microsoft.com/en-US/windows-vista/Tips-for-creating-a-strong-password http://
www.answers.com/Q/What_are_the_differences_between_Dictionary_Attack_Brute_Force_Attack_and_Hybrid_Attack
http://www.thehackerstore.net/2012/08/what-is-difference-between-brute-force.html https://images.search.yahoo.com/yhs/
search;_ylt=A0LEV738v.BVKEYAsREnnIlQ;_ylu=X3oDMTEzajBwdGlxBGNvbG8DYmYxBHBvcwMxBHZ0aWQDRkZSQTAxXzEEc2VjA3Nj?p=Strong+Password&fr=yhs-mozilla-003&hspart=mozilla&hsimp=yhs-003