This is the one Zuck really got nailed on.
#How to make up passwords password
Reusing a password re-opens the vulnerability window for that password. Once a password is compromised, it can be exploited at any point in time, even years later, as Zuckerberg found out.
Don’t Reuse PasswordsĪlternating between passwords doesn’t have the same effect as changing them to something new each time. Changing your password on a regular basis may seem annoying, but it’s nothing compared to dealing with a compromised account, identity theft, or credit card fraud. This is why high security systems use randomly generated numbers that change every few minutes as part of their authentication model. The more often you change your password, the smaller the window of a compromised password being worthwhile. A simple reminder every six months or even a year would have prevented this old data breach from compromising anything. Going back to Zuck, if his password was obtained in 2012, it has no business still being in use in 2016. This step is about reducing the window of damage. If they don’t, it’s always a good plan to change your password regularly anyway. Some services require regular password changes, while some do not. And when you get down to step 5, having separate passwords for every account can be too much to ask with 18 character randomly generated passwords. Finally, you can find any number of password generators online, which can generate extremely complex passwords. Your password should be a combination of at least both upper and lowercase letters and a number (62 unique, reusable characters, with 8 characters in the password means 62 to the 8th power, or 2.1834011e+14 possible combinations…) Include a special character to increase complexity, but make sure that character is supported by the mechanism you’re using, as some are not. Read our post on brute force attacks for more information. All of the sudden "potato" isn't that great of a password after all. A computer can run a "dictionary attack" against a password very quickly, testing for all real words, of which there are relatively few, compared to the huge number of character permutations possible.
#How to make up passwords crack
Brute force isn't the only method to crack a password. There are 26 lowercase letters, but only 10 digits (0-9), so you can see how “potato” is more secure than “536871” from the perspective of a machine running through different combinations of characters. Each character set has a certain number of permutations. This is why passwords typically have a minimum requirement of 8 characters. Each character increases the complexity exponentially.
So how many permutations does it take to get your password? Here are three key factors: If a person were trying to guess your password, they might try ten or so passwords a minute, if they’re fast. Not just any password will do, and the reason why relates to how passwords are cracked. Why go to the trouble of blowing the safe if you can have the bank manager open it up for you? 2. Most *ishing schemes trick you into giving up your password in some way or another. Socially engineering a password out of someone is often much easier than “hacking” their account. Your password is what makes you accountable for the actions taken under your account.
If this is true, it means that Zuckerberg used the same password for multiple websites, allowing the damage done by the LinkedIn hack to spread into other areas. You might have read about Facebook founder and user Mark Zuckerberg’s social media accounts getting “hacked.” Hacked is maybe not the right word here, since many people believe Zuck’s password was among the 117 million leaked LinkedIn passwords recently posted online.
0 kommentar(er)
