Posts Tagged ‘password’

Passwords

August 18th, 2010 | Author:

Most Companies require them and a lot of home users do not but for those who do, just how good is your password?

 

I often advise people on passwords and how to make them more secure and if you like spaceballs you will know about one of the simplest easy to crack passwords going around

 

but here a re few more that are common and should not be used

  • password
  • 1234
  • 12345
  • 123456
  • 1234567
  • 12345678
  • qwerty
  • abc123
  • letmein
  • monkey
  • myspace1
  • password1
  • blink182
  • (your first name)
  • god
  • sex
  • money
  • love
  • 696969
  • admin
  • password

But sometimes it is not even necessary to hack the password, I have seen people give out their password to work colleges and friends.

 

In one case someone had managed to get a co-workers password they then went on to use this account for looking up adult material while in work.  The only reason that he got caught was he used this account while his co-worker was on a different shift, so after security and the IT department looked into it and then tracked the usage they were able to catch the person in the act.  That person was instantly sacked, but things could have been different if they had only used that account when that person was working.

It used to be the case that good 6 character password would be sufficient and that someone could try 100 passwords per second (see table below, thanks to baekdal

 

password

 

But now there is a new threat.

 

Graphics cards

 

As the graphics processing unit (GPU) have become so powerful and fast in order to handle the the rendering for today’s games this has also lead to them being used for other things.

According to the Georgia Institute of Technology passwords with fewer than 12 characters can be decoded using brute force and to put the power of these graphics cards in to perspective:

The top graphics processors, today,  offer about two teraflops of parallel processing power. Put this into comparison comparison, the world’s fastest supercomputer, in the year 2000, a cluster of linked machines costing $110 million, operated at slightly more than 7 teraflops

A teraflop is “a trillion calculations per second” and like every other computer technology, they are just going to get faster meaning they will crack your passwords faster.  A brute force attack means they will try every combination of number, letters & symbol combinations until they find the right one.

 

Christian Brindley, Regional Technical Manager EMEA at VeriSign Authentication, said,

Lots of people think that they have a solid password – over 12 characters long, including a combination of letters, numbers and cases to increase their strength.

However, in today’s world passwords are simply not enough to protect sensitive information on their own. In fact, VeriSign research of UK online adults showed that 39% of us disagree that ‘user name plus password’ is a strong enough security measure.

If that was not bad enough Elcomsoft have software that is meant to audit your wireless security by hacking it and if you have not already guessed it, it uses your graphics card’s GPU to do it.  No doubt some criminals will find a way of adapting this to try and hack their way into someone else’s network.

 

My Advise

For home users I would suggest a 8 character password and for businesses at least 12.  They should include uppercase letters, lowercase letters, numbers and special characters like £, $ or &.

 

It is better a strong password that take a bit longer to log in than have it hacked and have sensitive details lost.

 

If you would like any more information then please contact us and we will happily give you some advise.

Posted in blog | Tags: , , , , | 7 Comments »

Have you changed the password on your router?

July 28th, 2010 | Author:

Did you know someone can change the setting on your router so all your internet traffic goes through their servers and from this they can get your bank details as well as other personal information?

 

Routers come with a standard password and I usually use this to access clients routers without even asking if they know the password.  This is because the router is usually the last place someone thinks of needing a password or they simply have not known it.  Now, well for some time, criminals have taken advantage of it, they have developed malicious code to change your setting on the router.

 

This looks like the computer is affected by a virus but even after a computer has been cleared of everything it still has the same error and all computers will show the same symptoms.  You may net even get any symptoms which makes it worse.

 

When you go to a website your computer does not know where that website is hosted so it looks for a DNS server.  On nearly all home routers this will be set to get the address of these servers from your ISP automatically.  So when you type in a website address it goes to these servers and they look up where the website is, return this information to your computer and you get the website displayed on your computer.  This virus changes the settings so it does not get the DNS server of your ISP but theirs so they can see what you are doing and intercept any data they can.

 

For the full report see Forbes

 

How do you change this password?  If you are confident then search for your routers model number and for the instructions.  This should tell you what to do, if you are not sure then get a technician in to do it for you.  It does not take long and you will know that this virus can not affect you.

Posted in news | Tags: , , , , , | No Comments »
Let’s connect
Subscribe via Google+
Call us

Call us on

0845 805 9257

or

07940964018

Sign Up For Our
Newsletter

* = required field
Facebook
 

Contact Us |About Us | Terms and Conditions | Privacy Statement | Links
Copyright © 2010 4 Your Computer Repairs. All Rights Reserved.