Introduction
Keeping passwords secure is one of the highest-priority security measures that people need to take. An average user usually needs to remember 4-5 passwords at a time and needs to change them frequently. What most people do not understand are the consequences of their password being stolen or hacked.
Common Password Attacks
- Physical Security Breach: this is the most critical type of password attack. There are special key-loggers that may be software based or hardware based. These key-loggers can easily bypass any security and encryption.
- Sharing unintentionally: Most people share their passwords over the internet. They are not aware that hackers have programs that detect such activity and store the information.
- Cracking: in this type of attack, the password file may get exposed to an attacker. The attacker then tries all the possible combinations to crack open the password file. The idea here is to find the weakest password and then use it to get into all the files.
- Sniffing: also called packet sniffing, this type of attack is applicable on the Ethernet level. Here the network traffic is captured and then sifted to get important information and passwords.
- Guessing: Because of the high level of software and technologies available, this method is seldom used. However, amateurs may still try to guess passwords according to your personality.
Common software for Password Attacks
Developers have written very detailed software programs that have made it very simple to hack passwords. These programs are usually available for free, making passwords more vulnerable. Some of the most commonly used programs for password attacks are:
- Trojans: These special types of software easily access your files without you knowing that they exist.
- Wireshark: this packet sniffing software stores your network traffic.
- Cain & Abel: this software is best for Windows password attacks. It is usually applied to sniffing and cracking passwords.
- Pwdump: This very popular password cracker works on the hash guessing technique.
- John the Ripper: this password retriever software is used for Linux-based computers.
- Hydra: this is another password retrieving facility that is mainly used for getting passwords for services like FTP, etc.
Defense against Password Attacks
The biggest defense against password attacks is eternal vigilance. Organizations and networks now have the ability to employ a number of security measures to reduce the risk of being attacked.
Whether at a home level or at an organization level, there should be clear password policies that state the importance of changing or shuffling passwords occasionally. People should never write their passwords down or discuss them online.
There is also special software that users can install that detects malicious activity on your network or computer. This antivirus software stops attackers from spying on your files and passwords.
Microsoft can also help the user limit the number of passwords he has to remember. It has a password cache and a unified network logon that can give you a single password for your complete system. However, the downside is that once your logon password is compromised, your computer is at high risk.
Conclusion
It is very important for users to understand the importance of password security and apply it to their computer systems. No matter how secure your system is, you need to make sure that your password is also strong and hard to guess. It is also beneficial to make your password a combination of numbers, letters and special characters.
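The advice above about combining numbers, letters and special characters, and the "Cracking" attack that tries all possible combinations, can be tied together in a small policy check. This is an added example, not part of the original essay; the guessing rate, the tiny common-password list and the length and class thresholds are assumptions chosen for illustration.

```python
import string

# Constructed sample; a real check would use a large breached-password list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome1"}

# Assumed guessing rate (guesses/second) against an exposed password file.
ASSUMED_GUESSES_PER_SECOND = 1e10

CHARACTER_CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digits": string.digits,
    "special": string.punctuation,
}


def classes_used(password):
    """Return the names of the character classes present in the password."""
    return [name for name, chars in CHARACTER_CLASSES.items()
            if any(c in chars for c in password)]


def alphabet_size(password):
    """Size of the alphabet an exhaustive search must cover for this password."""
    return sum(len(CHARACTER_CLASSES[name]) for name in classes_used(password))


def exhaustive_search_seconds(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Worst-case time to try every combination of this length and alphabet."""
    return alphabet_size(password) ** len(password) / rate


def audit(password, min_length=12, min_classes=3):
    """Return a list of policy findings; an empty list means the password passes."""
    findings = []
    if password.lower() in COMMON_PASSWORDS:
        findings.append("appears in common-password list")
    if len(password) < min_length:
        findings.append(f"shorter than {min_length} characters")
    if len(classes_used(password)) < min_classes:
        findings.append(f"uses fewer than {min_classes} character classes")
    return findings


if __name__ == "__main__":
    for candidate in ["letmein", "sunshine2014", "Tr4il-Mix&Lantern"]:
        seconds = exhaustive_search_seconds(candidate)
        print(candidate, f"{seconds:.3g} s", audit(candidate) or "passes")
```

The search-time figure is a worst case for pure exhaustive guessing; a password found in a word list falls much faster, which is why the list check runs first.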