1. A file, folder, computer, or account protected by a password is safe.Read the rest of the article and
learn why that statement is no longer true.
2. Your passwords are secure as longas you only deal with reputableonline businesses.Big online businesses that servetens of millions of customersworldwide are expected to hold atreasure trove of personalinformation – the favorite diet ofidentity thieves. Therefore, thesecompanies are always in thecrosshairs of the world’s mosthighly-skilled hackers.Take these recent examples, for in stance:
LinkedIn - A file with 6.5 millionpasswords from LinkedIn accountsappeared in an online forum basedin RussiaYahoo - 450,000 usernames andpasswords from Yahoo! were postedonlineSony (Playstation) - This massivebreach involved 77 million Sony Play station user accounts containing
passwords and other personalinformation.Reputable businesses like LinkedIn,Yahoo! and Sony should beimplementing the strongest securitycountermeasuresavailable. But eventhese are not strong enough to withstand attacks all the time…
3. A password input box thatobscures characters as you typehides your password from pry in ge yes.
The dots or asterisks displayed on apassword input box are just meantto prevent people near you fromseeing what you’re entering inthere. How the password is actually stored or sent is a different story.
4. “Strong” passwords are difficult tocompromise.Even if your password is long andcomplex (e.g. a combination ofuppercase and lowercase letters,numbers and other non-alphanumeric characters), if it is stored or sentin plaintext, you’re toast if thehackers get hold of it.Plain text means it can be viewed
exactly the way it has been entered,using easily accessible tools. Forexample, if your password is Super$ecretp@Ss, a free downloadabletool like Ettercap enables yourpassword to be viewed exactly inthat form: Super$ecretp@Ss.If, however, your password isencrypted, it means that it has beenscrambled; it cannot be viewedusing the same tool (Ettercap). Itmight be displayed something likethis: xt%y&1sm^*gt;>2.Unfortunately, many softwareapplications still store and send passwords in plaintext. That is whyhackers still find the first threeitems in the next section so effective.
5. Hackers use sophisticated tools tosteal your password.Actually, many successful hackersdon’t require sophisticated tools toacquire passwords. Some simply usecrafty conversational skills. In thehighly publicised hacking of WiredSenior Writer Mat Honan, thehackers made extensive use of social engineering, a technique that relies eavily on the art of deception
learn why that statement is no longer true.
2. Your passwords are secure as longas you only deal with reputableonline businesses.Big online businesses that servetens of millions of customersworldwide are expected to hold atreasure trove of personalinformation – the favorite diet ofidentity thieves. Therefore, thesecompanies are always in thecrosshairs of the world’s mosthighly-skilled hackers.Take these recent examples, for in stance:
LinkedIn - A file with 6.5 millionpasswords from LinkedIn accountsappeared in an online forum basedin RussiaYahoo - 450,000 usernames andpasswords from Yahoo! were postedonlineSony (Playstation) - This massivebreach involved 77 million Sony Play station user accounts containing
passwords and other personalinformation.Reputable businesses like LinkedIn,Yahoo! and Sony should beimplementing the strongest securitycountermeasuresavailable. But eventhese are not strong enough to withstand attacks all the time…
3. A password input box thatobscures characters as you typehides your password from pry in ge yes.
The dots or asterisks displayed on apassword input box are just meantto prevent people near you fromseeing what you’re entering inthere. How the password is actually stored or sent is a different story.
4. “Strong” passwords are difficult tocompromise.Even if your password is long andcomplex (e.g. a combination ofuppercase and lowercase letters,numbers and other non-alphanumeric characters), if it is stored or sentin plaintext, you’re toast if thehackers get hold of it.Plain text means it can be viewed
exactly the way it has been entered,using easily accessible tools. Forexample, if your password is Super$ecretp@Ss, a free downloadabletool like Ettercap enables yourpassword to be viewed exactly inthat form: Super$ecretp@Ss.If, however, your password isencrypted, it means that it has beenscrambled; it cannot be viewedusing the same tool (Ettercap). Itmight be displayed something likethis: xt%y&1sm^*gt;>2.Unfortunately, many softwareapplications still store and send passwords in plaintext. That is whyhackers still find the first threeitems in the next section so effective.
5. Hackers use sophisticated tools tosteal your password.Actually, many successful hackersdon’t require sophisticated tools toacquire passwords. Some simply usecrafty conversational skills. In thehighly publicised hacking of WiredSenior Writer Mat Honan, thehackers made extensive use of social engineering, a technique that relies eavily on the art of deception
No comments:
Post a Comment