Friday, January 17, 2014

The Myths About Your Password Safety

As I'm writing after a very long time, I thought I would write about something that would enable people to be safe.
5 Password Myths You Should Stop Believing
1. A file, folder, computer, or account protected by a password is safe. Read the rest of the article and learn why that statement is no longer true.
2. Your passwords are secure as long as you only deal with reputable online businesses. Big online businesses that serve tens of millions of customers worldwide are expected to hold a treasure trove of personal information – the favorite diet of identity thieves. Therefore, these companies are always in the crosshairs of the world’s most highly-skilled hackers.
Take these recent examples, for instance:
LinkedIn - A file with 6.5 million passwords from LinkedIn accounts appeared in an online forum based in Russia.
Yahoo - 450,000 usernames and passwords from Yahoo! were posted online.
Sony (PlayStation) - This massive breach involved 77 million Sony PlayStation user accounts containing passwords and other personal information.
Reputable businesses like LinkedIn, Yahoo! and Sony should be implementing the strongest security countermeasures available. But even these are not strong enough to withstand attacks all the time…
3. A password input box that obscures characters as you type hides your password from prying eyes. The dots or asterisks displayed on a password input box are just meant to prevent people near you from seeing what you’re entering in there. How the password is actually stored or sent is a different story.
4. “Strong” passwords are difficult to compromise. Even if your password is long and complex (e.g. a combination of uppercase and lowercase letters, numbers and other non-alphanumeric characters), if it is stored or sent in plaintext, you’re toast if the hackers get hold of it. Plaintext means it can be viewed exactly the way it has been entered, using easily accessible tools. For example, if your password is Super$ecretp@Ss, a free downloadable tool like Ettercap enables your password to be viewed exactly in that form: Super$ecretp@Ss. If, however, your password is encrypted, it means that it has been scrambled; it cannot be viewed using the same tool (Ettercap). It might be displayed something like this: xt%y&1sm^*gt;>2. Unfortunately, many software applications still store and send passwords in plaintext. That is why hackers still find the first three items in the next section so effective.
5. Hackers use sophisticated tools to steal your password. Actually, many successful hackers don’t require sophisticated tools to acquire passwords. Some simply use crafty conversational skills. In the highly publicised hacking of Wired Senior Writer Mat Honan, the hackers made extensive use of social engineering, a technique that relies heavily on the art of deception.
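To make myth 4 concrete, here is an added example (not code from the original post) that stores the post's sample password once as plaintext and once as a salted scrypt hash, then checks what a stolen copy of each record would reveal. It uses one-way hashing rather than the reversible encryption the post mentions; the function names, record layout and scrypt cost values are assumptions made for this illustration.

```python
import hashlib
import hmac
import os

# scrypt cost parameters (assumed values for this example; tune per deployment)
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1


def store_plaintext(password: str) -> dict:
    """The weak pattern from the post: the record holds the password itself."""
    return {"scheme": "plaintext", "secret": password}


def store_hashed(password: str) -> dict:
    """Keep only a random salt and a one-way scrypt digest."""
    salt = os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt,
                            n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return {"scheme": "scrypt", "salt": salt.hex(), "secret": digest.hex()}


def verify(record: dict, attempt: str) -> bool:
    """Check a login attempt against either kind of record."""
    if record["scheme"] == "plaintext":
        return hmac.compare_digest(record["secret"].encode(), attempt.encode())
    digest = hashlib.scrypt(attempt.encode(), salt=bytes.fromhex(record["salt"]),
                            n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return hmac.compare_digest(bytes.fromhex(record["secret"]), digest)


def leaks_password(record: dict, password: str) -> bool:
    """Would someone reading a stolen copy of this record see the password?"""
    return password in str(record)


if __name__ == "__main__":
    pw = "Super$ecretp@Ss"  # the example password used in the post
    for rec in (store_plaintext(pw), store_hashed(pw)):
        print(rec["scheme"], "leaks:", leaks_password(rec, pw),
              "login ok:", verify(rec, pw))
```

This covers storage only; the "sent" half of the myth is a transport matter (TLS), which hashing at rest does not address.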
