How easily passwords can be hacked and why you need super strong passwords
- How easily passwords can be cracked today – It will shock you!
- The three main ways passwords are cracked – Probably not what you think!
- What is really protecting your password against hacking – You will be surprised!
- A dangerous practice that puts you at extreme risk of identity theft – Most people do this!
As an IT professional with over 20 years experience supporting clients, I can tell you that passwords are the weakest link in the security for almost every system I have ever looked at.
I also understand how much people hate using them and the difficulty people have remembering them.
The problem is that more than ever before, your accounts are vulnerable to hacking
AND a weak password might be the only thing standing between you and disaster.
I will assume you are already aware of the threats associated with having your password hacked, and that you are convinced that you need to use strong passwords.
So I am first going to explain how vulnerable most people really are to having their account hacked, It will shock you. We will then look at how passwords are cracked.
Twenty years ago eight character passwords were considered adequate, and it was estimated that it would take many years of computer processing power to crack a strong 8 character password.
Computer processing power has grown exponentially, and today ANY eight character password, regardless of how random, and how many special characters are included, can be cracked in a few hours or less, using password cracking software with a standard desk top computer and a video accelerator card, in other words the type commonly used for games.
In fact, around half of all passwords currently being used today can be cracked in seconds due to them be very weak, and another 45% can be cracked within a few hours.
Only around 5% of passwords offer any real challenge, and given that computers today can make millions of guesses per second, it would not take long to crack money of these also.
To crack passwords, you don’t even need advanced computer or programming skills. The password cracking software is easy to use and available for download by anyone that searches for it.
Professional hackers can harness parallel processing to further reduce the time required to crack passwords. This is simply connecting up multiple personal computers to work together.
While the capacity of computers to crack passwords has increased, the problem is most people are still using much the same weak passwords they were using twenty years ago
While most people know they should use stronger passwords, very few realise how easily passwords can now be cracked.
Having a basic understanding will help you create stronger passwords.
There are three main ways to crack a password.
Password Guessing is actually the least common method except in Hollywood movies. This is where a professional hacker attempts to guess the password using information they have collected about the password holder. It is more common for this approach to be used by someone that knows the password holder such as a fellow co-worker, friend or family member.
Password Cracking Dictionaries
Password Cracking Dictionaries are normally the first method attempted. These dictionaries contain lists of the words for all languages, including including some very obscure lexicons, even dead languages. In addition to containing all known dictionary words, they also contain all common misspellings, substitutions, and there are even lists of every password that has ever been used before. Using these cracking dictionaries alone is going to crack most passwords in use today.
Brute Force Attack
Brute Force Attack uses sheer computing power to try every possible combination of characters. As already mentioned, twenty years ago super computers needed years to crack an eight character password, but today the same can be cracked in just a few minutes using standard personal computers working in parallel.
So if passwords are so easy to crack, then why aren’t peoples accounts being hacked even more than they are, like almost every day?
It may surprise you to know that its usually not your password that is protecting your account. As you are probably aware, most systems will lock you out after three wrong attempts.
Some may lock you out for fifteen minutes or an hour, others may even require you call the help desk to reset the password.
It’s this “three strikes” and you are out process that is protecting most accounts from password hacking.
The problem is hackers can often get around this simple first level of defence, as is evident in the number of major password security breaches reported each year, leaving your password and accounts exposed to cracking.
In the next part I will tell you about an alternative to using traditional passwords which is far more secure, and much easier to remember.
The Domino Affect and Identity Theft
In the next part I will also explain the domino affect and how a common practice most people do puts you at extreme risk of identity theft.
I will finally explain my Super Strong Passwords Made Easy system that will enable you to create and use very strong and unique passwords on all your accounts, and the best part is you do not need to remember any of them.