Thursday, May 10, 2012

Passwords Still the Weak Link in the Chain

Networks are only as secure as their weakest part, and time and time again, the weakest part of any network system is the user. Weak passwords are by far the easiest aspect of network security to hack, and despite repeated calls by security experts for people to tighten up their password habits, password vulnerability is as bad as it has ever been.

Gaining access to people’s passwords can be extremely simple, primarily because people just don’t listen to advice. Because so many people use weak or recycled passwords, a hacker only needs to determine one person’s login to gain access to an entire network and the great bounty of data therein. Virtually every high profile hack is down to a single user having a weak password, from online retailer Zappos, which earlier this year had the personal details of 24 million users stolen, to global intelligence firm Stratfor, which really should have known better but recently lost 860,000 user names and email addresses to hackers.

Password security can be extremely difficult for a big network to manage, primarily because it requires policing everybody with access, from the website designers and administrators to the marketers who are in charge of PPC management and AdSense campaigns. It only takes one person not taking security seriously for the whole network to become vulnerable.

Seven deadly password sins

People are creatures of habit, and nearly a fifth of people still commit one of the seven most common sins for generating passwords:

1. They use the name of their partner, child or pet, perhaps followed by a digit (usually a 1 or 0) to adhere to the alpha/numerical construction. These days, with everybody having their life laid bare on social networking sites, it doesn’t take long to learn the name of a family pet, child or spouse.
2. The same is true of people’s date of birth, either the user’s own or that of their partner, child or pet.
3. People often use the last four digits of their social security or employee roll number. These details are perhaps more difficult to get hold of, but not impossible.
4. Amazingly, 123, 1234 or abcd1234 are still common password combinations used by people.
5. Likewise, “password” or “pa55word” (to get that alpha/numerical combination) is another commonly used combination.
6. Again, Facebook grants easy access to a user’s favorite sports team, which is another common password sin.
7. Then there are the generic one-word passwords of “god”, “love”, “money”, “access”, etc., which are all common strings.
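
A screening check for the seven patterns listed above, of the kind a site can run when a user sets a password. This is an added example, not part of the original article; the profile fields, word list and sample values are constructed for illustration.

```python
import re
from datetime import date

# Constructed sample word list; a real deployment would also load a breached-password corpus.
GENERIC = {"god", "love", "money", "access"}
LEET = str.maketrans("01345$@", "oleassa")  # pa55word -> password

def _is_run(chunk):
    """True for ascending runs of 3+ characters such as '123' or 'abcd'."""
    return len(chunk) >= 3 and all(ord(b) - ord(a) == 1 for a, b in zip(chunk, chunk[1:]))

def _date_forms(d):
    """Digit strings people commonly type for a date."""
    return {d.strftime(f) for f in ("%d%m%Y", "%m%d%Y", "%Y%m%d", "%d%m%y", "%m%d%y", "%Y")}

def _norm(items):
    """Lower-case and drop spaces so 'Red Sox' matches 'redsox'."""
    return {re.sub(r"\s+", "", i.lower()) for i in items}

def password_sins(password, profile):
    """Return the numbers (1-7, in the article's order) of the sins `password` commits."""
    pw = password.lower()
    word = pw.rstrip("0123456789")          # "rex1" -> "rex"
    digits = re.sub(r"\D", "", pw)          # "rex1985" -> "1985"
    forms = {word, word.translate(LEET), pw.translate(LEET)} - {""}
    chunks = re.findall(r"[a-z]+|\d+", pw)
    ids = [re.sub(r"\D", "", i) for i in profile.get("id_numbers", ())]
    sins = []
    if forms & _norm(profile.get("names", ())):
        sins.append(1)                      # partner, child or pet name (+ digit)
    if any(digits in _date_forms(d) for d in profile.get("birth_dates", ())):
        sins.append(2)                      # a date of birth
    if len(digits) == 4 and any(i.endswith(digits) for i in ids):
        sins.append(3)                      # last four digits of an ID number
    if chunks and "".join(chunks) == pw and all(_is_run(c) for c in chunks):
        sins.append(4)                      # 123, 1234, abcd1234
    if "password" in forms:
        sins.append(5)                      # password, pa55word
    if forms & _norm(profile.get("teams", ())):
        sins.append(6)                      # favorite sports team
    if forms & GENERIC:
        sins.append(7)                      # generic one-word passwords
    return sins

# Constructed profile: details about one user that are discoverable from public sources.
PROFILE = {"names": ["Rex", "Anna"], "birth_dates": [date(1985, 2, 14)],
           "id_numbers": ["900-12-4417"], "teams": ["Red Sox"]}

if __name__ == "__main__":
    for candidate in ("Rex1", "14021985", "4417", "abcd1234", "pa55word", "redsox0", "l0v3"):
        print(candidate, password_sins(candidate, PROFILE))
```

An empty result only means none of these seven patterns matched; it says nothing about the same password being reused on other sites.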

Repetition

Even if somebody follows the protocol for creating a strong password, using upper and lower case, numbers and letters, and keeping the string as random as possible, chances are that after going through all that effort they will use this same password for a whole host of other web activities. While gaining access to a work VPN or bank account is going to take a lot of effort, some sites, such as forums or online retailers, won’t have such strict security. If a hacker gains access to these websites and figures out a user has quite a strong password, then chances are they are using the same string to gain access to their work network, bank or other secure site.

Hear no evil

Despite the repeated high profile attacks, the loss of millions of people’s personal data each year, and the persistent mantra of the importance of strong passwords from network bosses, people just aren’t listening. It isn’t even as if the internet is a new thing. People have been relying on usernames and passwords for decades, but it seems they just won’t listen. There are probably a couple of reasons for this, and they both boil down to human nature.

Firstly, people think it will never happen to them. Hacking is like being mugged, both in the material loss that can result and in the fact that people think it only happens to others. It isn’t until somebody actually gets hacked that they start to take passwords seriously, but of course, by then it is too late. Secondly, people are inherently lazy. Generating new passwords all the time and having to remember them is not fun, and most people have better things to do, which is why so many choose weak, easy-to-remember passwords or recycle older ones.

Until people start realizing the importance of good password protocol, high profile hacks will continue unabated. Perhaps there will come a time when virtually everybody has suffered some form of hacking attack at least once, by which time, password security may at last become as important a security concept to people as protecting their wallet or locking their front doors at night. Until then, weak passwords are by far the easiest way in to a network for any hacker.

The Hacka Man

228 comments:

MortenPAW said...

Lol, those passwords though.... some people still are stupid
