Don’t let weak passwords take you down!
Tuesday, 29 June 2010
I was recently searching for some material related to password generation and stumbled on a blog post from a few years ago that contains some very candid and eye-opening discussion on password security.
How I’d Hack Your Weak Passwords (onemansblog.com)
The author starts off with a list of the top ten passwords, and how he would go about finding the personal information needed. For example, number 1 is “Your partner, child, or pet’s name, possibly followed by a 0 or 1 (because they’re always making you use a number, aren’t they?)” and number 2 is “The last 4 digits of your social security number.”
The really interesting bits are when the author explains exactly how he would approach hacking your accounts, and how likely he would be to succeed. Unfortunately, the tools needed to engage in this kind of mischief are readily available and do not require great skill to employ.
Some key protection points include…
- Don’t use the same password for all of your online activities. Use different passwords for each site. That way, if your Facebook password is compromised, your Wachovia password is safe.
- Never use dictionary words, names, or other common passwords.
- Look for a trusted password management utility to help ease the pain of having a hundred different passwords.
- Your email is one of the most important and critical passwords—a criminal can use the “reset my password” feature on many shopping sites once they have access to your email account.
Take a look at the article and see if you can make some changes in the way you handle password security so that you don’t get hacked!