Posts Tagged ‘passwords’

Most companies require them and a lot of home users do not, but for those who do use them, just how good is your password?

 

I often advise people on passwords and how to make them more secure, and if you like Spaceballs you will know about one of the simplest, easiest-to-crack passwords going around.

 

But here are a few more that are common and should not be used:

  • password
  • 1234
  • 12345
  • 123456
  • 1234567
  • 12345678
  • qwerty
  • abc123
  • letmein
  • monkey
  • myspace1
  • password1
  • blink182
  • (your first name)
  • god
  • sex
  • money
  • love
  • 696969
  • admin

But sometimes it is not even necessary to hack the password. I have seen people give out their password to work colleagues and friends.

 

In one case someone had managed to get a co-worker’s password and then went on to use this account for looking up adult material while at work. The only reason he got caught was that he used this account while his co-worker was on a different shift, so once security and the IT department looked into it and tracked the usage, they were able to catch the person in the act. That person was instantly sacked, but things could have been different if they had only used that account when the co-worker was working.

It used to be the case that a good 6 character password would be sufficient and that someone could try 100 passwords per second (see table below, thanks to baekdal).

 

[Image: password table]

 

But now there is a new threat.

 

Graphics cards

 

As graphics processing units (GPUs) have become so powerful and fast in order to handle the rendering for today’s games, this has also led to them being used for other things.

According to the Georgia Institute of Technology, passwords with fewer than 12 characters can be decoded using brute force. To put the power of these graphics cards into perspective:

The top graphics processors, today, offer about two teraflops of parallel processing power. Put this into comparison, the world’s fastest supercomputer, in the year 2000, a cluster of linked machines costing $110 million, operated at slightly more than 7 teraflops.

A teraflop is “a trillion calculations per second” and, like every other computer technology, graphics cards are just going to get faster, meaning they will crack your passwords faster. A brute force attack means the attacker will try every combination of numbers, letters and symbols until they find the right one.

 

Christian Brindley, Regional Technical Manager EMEA at VeriSign Authentication, said,

Lots of people think that they have a solid password – over 12 characters long, including a combination of letters, numbers and cases to increase their strength.

However, in today’s world passwords are simply not enough to protect sensitive information on their own. In fact, VeriSign research of UK online adults showed that 39% of us disagree that ‘user name plus password’ is a strong enough security measure.

If that was not bad enough, Elcomsoft have software that is meant to audit your wireless security by hacking it and, if you have not already guessed, it uses your graphics card’s GPU to do it. No doubt some criminals will find a way of adapting this to try and hack their way into someone else’s network.

 

My Advice

For home users I would suggest an 8 character password and for businesses at least 12. They should include uppercase letters, lowercase letters, numbers and special characters like £, $ or &.

 

It is better to have a strong password that takes a bit longer to log in with than to have it hacked and have sensitive details lost.
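The advice above as a small checker, added here as an example and not part of the original post: it rejects the common passwords listed earlier, applies the 8 and 12 character minimums, and estimates the worst-case brute-force time. ASSUMED_GPU_RATE and the 32-symbol alphabet are assumptions for illustration; only the 100 guesses per second figure comes from this page.

```python
import string

# Passwords listed as common on this page ("(your first name)" is covered
# by the first_name argument of audit()).
COMMON = {
    "password", "1234", "12345", "123456", "1234567", "12345678", "qwerty",
    "abc123", "letmein", "monkey", "myspace1", "password1", "blink182",
    "god", "sex", "money", "love", "696969", "admin",
}
MIN_LENGTH = {"home": 8, "business": 12}   # lengths suggested on this page
PAGE_RATE = 100                            # guesses/second quoted on this page
ASSUMED_GPU_RATE = 10**9                   # assumption, not a figure from the page

# (label, alphabet size, membership test); symbols are approximated by the
# 32 ASCII punctuation characters, and any other character counts as one.
CLASSES = [
    ("lowercase letter", 26, lambda c: c in string.ascii_lowercase),
    ("uppercase letter", 26, lambda c: c in string.ascii_uppercase),
    ("number", 10, lambda c: c in string.digits),
    ("special character", 32, lambda c: c not in string.ascii_letters + string.digits),
]

def charset_size(pw):
    """Size of the alphabet a brute-force search must cover for this password."""
    return sum(size for _, size, test in CLASSES if any(test(c) for c in pw))

def seconds_to_exhaust(pw, rate):
    """Worst-case time to try every password of this length and alphabet."""
    return charset_size(pw) ** len(pw) / rate

def audit(pw, user="home", first_name=""):
    """Return the reasons pw fails the advice on this page (empty list = pass)."""
    problems = []
    if pw.lower() in COMMON or (first_name and pw.lower() == first_name.lower()):
        problems.append("commonly used password")
    if len(pw) < MIN_LENGTH[user]:
        problems.append(f"shorter than {MIN_LENGTH[user]} characters")
    problems += [f"no {label}" for label, _, test in CLASSES
                 if not any(test(c) for c in pw)]
    return problems

if __name__ == "__main__":
    for pw in ["letmein", "abcdef", "Tr0ub4dor&3x!"]:   # constructed samples
        days = seconds_to_exhaust(pw, ASSUMED_GPU_RATE) / 86400
        print(f"{pw!r}: {audit(pw) or 'ok'}; up to {days:.3g} days at the assumed rate")
```

At the page's 100 guesses per second, a 6 character lowercase password takes about 36 days to exhaust; at the assumed GPU rate it takes under a second.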

 

If you would like any more information then please contact us and we will happily give you some advice.
