Yesterday I gave you some tips on how you choose a safe password and today I will give some examples of how passwords are stolen. This will hopefully help you to enforce an even better password policy for yourself or your business.
Among the most frequent techniques of stealing passwords you find:
- Guessing. There are software programs designed only to guess a user’s password. They use personal information found online such as names, dates, friends, significant others, pets, license plates, clothing labels, etc.
- Peaking. People can pick up passwords while peaking over your shoulder as you type them. Passwords written down are also a major risk since anyone can find them.
- Use of Dictionary. There are also software programs that run every word (and combination of words) from a dictionary in hope of eventually finding a match.
- Brute Force Attack. By trying every conceivable combination of key strokes in tandem with a user name, brute force attacks often discover the correct password. Programs can execute these attacks very quickly.
- Phishing. A phishing scam often begins with an e-mail or IM that look legitimate and points to a website that appear to be a bank or similar. The site is only designed to try to make you type your personal information (such as user name and password).
Hopefully you have gotten a little bit more insight in how to choose a good password through these two posts. Remember to changes passwords often.. The longer you go without changing the harder it is to change.
Have a nice weekend!