Password cracking attack - SecurityIn this second of a three-part series covering threats to computer security, we focus on attacks that are more specifically directed against a particular person or company.
print this article SEARCH DEV SHED |
Another well known threat is the password cracking attack. As we all know, passwords ensure that only authorized users are able to gain access to a system. That’s why a strong password is the cornerstone of an effective security strategy. However, most of the time people place convenience ahead of security, creating passwords that they can easily remember. Usually people use words, symbols or dates that have some personal meaning to them to make up their password. As a result, these passwords are simple and can easily be guessed if you know some information about the owner of the password. Remember that passwords are not stored on the machines in clear text; a special algorithm is used on the passwords to generate a one-way hash value which is stored in the place of the password. The one-way hash is a string of characters that cannot be reversed into the corresponding original password. When you provide your password to log into your system, the one-way hash value is generated and compared to the hash stored on the system. If they are the same, it is assumed that the password provided is the one expected. Crackers use tools called password crackers to find out your passwords (actually their hash values). These tools work around several techniques; two of the most well known are the following:
Whatever we say, the easiest way to compromise a system is through a weak password. So it is important to try to enhance your first line of security defense, which is the passwords you choose.
blog comments powered by Disqus |
Mach-II for PHP: A Preview
