Your Clever Password Tricks Aren’t Protecting You from Today’s Hackers.
Password security is breached all too often these days. You have probably heard about password hacking and about all the ways you should strengthen your accounts. Unfortunately, even if you follow that advice, today's password-cracking tools are more advanced and able to work out your tricky password. Here is what has changed and what you should do about your passwords.
Background: Passwords Are Easier To Crack Than Ever
Our passwords are much less secure than they were just a few years back, thanks to password crackers who use faster hardware and new techniques. Ars Technica explains that inexpensive graphics processors let password-cracking programs try billions of password combinations in just a second. A few years ago this process would have taken a great many days; now it may take only a few days.
All the common passwords we have used help hackers identify the patterns we follow when creating passwords. Most hackers can now use rules and algorithms to crack passwords more quickly than they could through simple common-password attacks.
For example, take a password like "Sup3rThinkers". It would pass most password strength tests because of its 13-character length and its mix of capital and small letters and a number. The website How Secure Is My Password? estimates that it would take about a million years to crack on a desktop computer, on a basis of 4 billion calculations per second. But it would take a hacker just a couple of months now.
Other examples, such as "mustacheehcatsum" (that is, "mustache" spelled forward and then backward), may seem to give you strong security, but they are easily cracked because they just repeat the same characters.
Redman, a security penetration tester who cracked "Sup3rThinkers", employed a rule that directed his software to try not just a word like "super" but also "Super", "sup3r", "Sup3r", "super!!!" and similar modifications. It then tried each of those words in combination with variants like "thinkers", "Thinkers", "think3rs", and "Think3rs".
In other words, hackers are totally on to us!
Now what can you do? There is no other way except strengthening your passwords by making them unique and completely unpredictable.
These recommendations come from our own experience, but in light of the faster and newer cracking methods out there, they are worth reviewing.
1. Always Avoid the Easiest Password Formulas
The biggest problem is that we all fill in our passwords the same way (partly because some companies limit password length and require certain types of characters). When companies ask for a mix of upper- and lower-case letters, numbers, and symbols, most of us follow exactly the patterns below:
- We use a name, place, or common word as the password, e.g., "zibooz" (women tend to use personal names and men tend to use their favorite hobbies).
- Sometimes we capitalize the first letter: "Zibooz".
- Sometimes we add a number, most likely 1 or 7, at the end of our password: "zibooz1" or "Zibooz7".
- Sometimes we add one of the most common symbols (~, !, @, #, $, %, &, ?) at the end of our password: "zibooz@" or "Zibooz!!".
Not only are these patterns obvious to professional password crackers, but substituting numbers for vowels or adding another word ("Zibooz7!", "Zib00z1!") won't help as much as you think either, since hackers turn these patterns against us and combine words from their master cracking lists.
Other clever and complicated techniques, such as shifting keys to the right or left or using other keyboard patterns, are also now cracked by hacking tools. According to a commenter on the Ars Technica article, hackers use keyboard walk generators to match millions of keyboard patterns.
The solution: don't do what everyone else is doing. Avoid the patterns above and remember the basics: don't use a single dictionary word, names, or dates in your password; use a mix of character types (including spaces and capital letters); and make your passwords as long as possible. If you have a formula for creating memorable passwords, it is only secure if no one else is following it. You can check out IT security pro Mark Burnett's collection of the top 10,000 most common passwords, which he says represents 99.8% of all user passwords from leaked databases, or this list of the 500 most common passwords on one page.
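
The formulas listed in this section, and the word-mangling rules Redman used earlier, can be checked defensively before a password is accepted. The following is an added example, not part of the original article: a small Python check, with a constructed word list and hypothetical function names, that flags passwords built from dictionary words plus the usual capitalization, digit substitution, and trailing characters.

```python
import re

# Constructed sample word list; a real check would load a large dictionary
# and a common-password list.
WORDS = {"zibooz", "super", "thinkers", "mustache", "password"}

# Common digit/symbol stand-ins for letters.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def split_words(text, words):
    """True if text is one word, or two words, from the list or its reversals."""
    candidates = words | {w[::-1] for w in words}
    if text in candidates:
        return True
    return any(text[:i] in candidates and text[i:] in candidates
               for i in range(1, len(text)))


def predictable_reasons(password, words=WORDS):
    """Return the formula-style patterns a password follows ([] if none)."""
    # Peel off a trailing run of digits/symbols ("zibooz1", "Zibooz!!").
    core = re.sub(r"[\d~!@#$%&?]+$", "", password)
    lowered = core.lower()
    plain = lowered.translate(LEET)      # undo digit-for-letter swaps
    if not split_words(plain, words):
        return []                        # no known base word underneath
    reasons = []
    if core != password:
        reasons.append("trailing digits or symbols")
    if core[:1].isupper() and core[1:] == core[1:].lower():
        reasons.append("only the first letter capitalized")
    if plain != lowered:
        reasons.append("digit-for-letter substitution")
    reasons.append("built from dictionary words")
    return reasons


if __name__ == "__main__":
    for pw in ("Sup3rThinkers", "mustacheehcatsum", "Zib00z1!", "q7#Lw9!zRk2p"):
        print(pw, "->", predictable_reasons(pw) or "no known pattern")
```

An empty result only means none of these particular formulas matched the sample list; it is not a measure of strength.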
2. Use Random Passwords
You can use multiple uncommon words for a strong, long password. A passphrase is more secure and more memorable than a complicated but shorter password, as the web comic Xkcd pointed out last year. Longer but simpler passwords are more complex, but only if the words you use are truly random. If you use a common quote or saying as your passphrase, you are a target, because hackers have dictionaries that include common quotes, phrases, titles, and lyrics, and they can easily apply rules such as using just the first letter of each word or other similar patterns. "To be or not to be", "2b30rn0t2b3" and "tbontb" might take just seconds to crack with fast algorithms, so you have to make your passphrase truly unique and random. (The Xkcd password generator can pick four random words for you.)
You can use a password generator and manager. While the passphrase approach might work well for your computer login or the few cases where you need to remember your password, the best option is to generate a truly random, long, and complex password. Such a password is hard for hackers to crack because it follows no patterns and appears in no word lists. Tools like LastPass, KeePass, or 1Password can generate a random password for you. You can see this article for a better understanding of how to build a nearly hack-proof password system with LastPass, as well as detailed instructions. Always remember that the only secure password is the one you can't remember.
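
An added example (not from the original article or from any of the tools named) of what "truly random" means in practice: words and characters are drawn with Python's `secrets` module, and strength is counted in bits of entropy. The 16-word list is a constructed sample and the function names are illustrative.

```python
import math
import secrets
import string

# Constructed 16-word sample so the block runs offline; far too small for
# real use. A real generator draws from a list of thousands of words.
SAMPLE_WORDS = ["anvil", "breeze", "cactus", "dolphin", "ember", "fjord",
                "glacier", "harbor", "iris", "jigsaw", "kettle", "lantern",
                "mosaic", "nutmeg", "orbit", "pebble"]
ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94


def passphrase(words=SAMPLE_WORDS, count=4, sep=" "):
    """Join `count` words, each drawn independently by the OS CSPRNG."""
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates")
    return sep.join(secrets.choice(words) for _ in range(count))


def random_password(length=20, alphabet=ALPHABET):
    """Random password for a manager to store; not meant to be memorized."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def entropy_bits(choices, picks):
    """Entropy when each of `picks` items is drawn uniformly from `choices`."""
    return picks * math.log2(choices)


def words_needed(target_bits, list_size):
    """Smallest number of random words that reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(list_size))


if __name__ == "__main__":
    print(passphrase(), f"{entropy_bits(len(SAMPLE_WORDS), 4):.0f} bits")
    print(random_password(), f"{entropy_bits(len(ALPHABET), 20):.0f} bits")
    print("words for 64 bits from a 2048-word list:", words_needed(64, 2048))
```

The entropy figures hold only when the generator makes every pick; a quote or a phrase chosen by hand does not have them.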
3. Always Try to Use a Unique Password for Each Site
Whatever passwords you choose or create, this is the most important security strategy of all: use a different password for each site if possible. If you maintain this, you will be secure, and no hacker can hack your password. The character limit is up to you. If your password is compromised but you use different passwords for different sites, at least all your other accounts are protected.
Was this article helpful to you, or do you have a formula of your own to add? You are most welcome to contribute ideas about this article. Let us know your comments or recommendations in the comment section.