Thursday, October 1, 2020

Why Weak Passwords Are a Security Risk

by Robert Blake

A password is the most commonly used primary security measure for protecting access to websites. Passwords are also commonly used to restrict access to hardware devices, such as computers. While some people may consider the need to use passwords a nuisance, the reality is that we rely on passwords to keep prying eyes away from sensitive data.

Just creating a password may not be enough to protect data. If you choose simple passwords like "password," "qwerty," or "123456," you are greatly increasing the risk that your online accounts or local hardware can be accessed by third parties.

Who would try to access my computer or online accounts? 

Any person who wants access to information stored on your computer or in an online account may try to crack your password; it could be somebody known to you, such as a spouse, partner, relation or work colleague, or it could be a total stranger with fraud on his or her mind. You could also be subjected to automated attacks, where special apps try to break your password by using millions of combinations of characters.

Weak passwords 

Regardless of whether it's somebody you know, a total stranger, or an automated program that is trying to crack your password, if you have a weak password, you are at increased risk of your defenses being breached. 

Weak passwords are ones that can easily be guessed. They include combinations like those mentioned above or passwords based on the date of birth of you, your children, or other relatives. Those based on your favorite books, poems, songs, pets, or geographical locations associated with you are also potentially weak passwords. 

How your personal details can be found 

You may think it is unlikely that a stranger, or even an acquaintance, knows your date of birth, or information about your likes and dislikes. However, it is surprising how much information is in the public domain.

Social media platforms are great sources of information for people who may want to hack passwords. Those birthday greetings from your friends that say "Can't believe you're 20" reveal your date of birth. Greetings to or from "my favorite mum/sister/uncle/brother etc." reveal the names of other family members and their relationship to you. 

People regularly use social media to tell the world about their favorite pet, actor, movie, song, etc. In short, making innocent posts or comments online can reveal a lot of information about you. Even if you don't actively do this, other people can reveal your personal information in their posts or comments. Social media can be a rich source for people trying to break your password.

Automated attacks 

Unlike an individual trying to guess what your password is, automated, or brute force, attacks do not use information about you to assist them. Instead, they try various combinations of characters. While this may seem like a very inefficient way to crack a password, it should be remembered that it is often possible to try millions of combinations in a very short time. 

While these attacks use random sequences of characters, they are often structured to try well-known words or phrases first. These may be followed by combinations of common names and digits that could be dates. Weak passwords are likely to be discovered more quickly.

In summary, using simple passwords is risky. Individuals can try to guess your password based on your personal data. Automated attacks are more likely to find readable passwords, even if they are combinations of words and numbers. Avoid weak passwords if you want to keep your data safe.

Bit by bit helps client networks run smooth and secure.. visit our website at 877.860.5863

No comments:

Post a Comment