Worst case password

Very few people understand what password means. It’s not just a secret word, it’s a key of door to many thing. If the so called secret word is found by someone who isn’t supposed to know, then everything is almost lost. Password isn’t just a word to pass thru.

Many users have weak password or even worst, easily guessable password. Passwords like

  • 123456
  • password
  • abc123
  • 123456789

are very easy to guess by cracker. It’s only matter of hours if not minutes, they can crack password and enter into system. Once inside, who know what they will do. Weak password are specially dangerous for online transaction – bank account, e-mail ids. A article from http://www.theregister.co.uk/2010/01/21/lame_passwords_exposed_by_rockyou_hack stated this :

If these login names and password are easy to guess then it’s all the more likely that hackers will be able to break into accounts using brute force dictionary attacks and readily available password cracking tools. If users (as they often do) use the same login credentials for social networking sites and more sensitive accounts (email, online banking etc) then the problem gets even worse.

Weak passwords are mostly result of lack of knowledge of user on

  • How to create password?
  • Remembering long passowrd
  • Being cryptic
  • Using combination of letters (A-Z , a-z), number (0-9) and symbols (like @,#,! etc)

When creating new password, never ever – never use you name or family name as password, cuz they are dead easy to guess.
Also never use name of someone close or family member name just because you love them, and want to show affection by doing this,  and please no dogs name. It’s so lame cuz it make looks like you don’t have creativity to even create, a descent password.
When creating password, length matters. Whether encryption is 128 or 256 bit, it’s good as user level of password complexity. A simple password like iloveyou, 12345 are very easy to crack even if it is encrypted with strong encryption Algorithm.
They say – “It’s strong as it’s weakest joins.”
Never try to use single password for everything, which means bank, emails, websites etc. Even remembering multiple password is hard, just create couple of them, use them and don’t give them to anyone. Hide it, even from your spouse. Try to change password every 6 months. I know how we forget this fact, that once we created password, we tend to forget to change it, until long enough something rings up.
Don’t be moron, yeah moron who will reply to mail, that issues security threats warning, fearing his everything is in danger.  If  you should ever receive mail then chill out and think in calm before replying. Never give password to suspicious site or any mail that say they require password re authentication or blah blah. Your bank won’t send mail to ask your password. Someone could be phishing

Users should be persuaded, if needed helped, for usage of strong password. At this age, when electronics are progressing at quantum speed, just use of 6 characters length password and thinking it to be safe, is fools way. Recent study, suggested that in near future, minimum password length should be made 11 characters long. Using 128 bits encryption won’t be enough and service provider should move to 256 bits encryption. The best solution is to be user aware, enough aware, that just relying on service provider for safety won’t do.

Some links more about password security :

Weak passwords stored in browsers make hackers happy

Password reset questions dead easy to guess

Most consumers reuse banking passwords on other sites

Leave a comment

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.