Identifying Common Password Attacks

By   ISBuzz Team
Writer , Information Security Buzz | Aug 25, 2014 05:02 pm PST

A password is private and confidential piece of data. It has the ability to protect sensitive personal and business information. Because of this, attackers continuously target passwords in hopes of gaining access to data.

Let’s take a look at a few techniques most commonly used among attackers.

FREE Download: How To Perform A SaaS Application Inventory In 5 Simple Steps

Brute Force

Brute force involves using an automated program that can guess passwords very quickly. This program may use several different techniques, including:

–     Using a dictionary of common words.
–     Using a list of the most common passwords.
–     Failing other techniques, attempt combinations of letters and numbers.

Guessing Game

Since account lockouts are generally tracked for each account separately, a variation of this technique is to guess the most common passwords against a list of accounts to avoid triggering the account lockout safety mechanism.

Research has shown that some of the passwords most commonly used on the Internet include “12345”, “123456”, “12345678”, “password”, and “iloveyou”.

Passwords comprised of simple words, names, places, numbers, and even combinations (such as ‘abc123’) are trivial to guess.

Being Sneaky

One of the oldest and simplest methods for someone to get your password is to simply steal it by:

–     Watching over your shoulder as you type it.
–     Finding a sticky note hidden under the keyboard (or worse, right on the monitor!).
–     Viewing it in a text file on the computer when you step away for a coffee break.

Believe it or not, hackers can steal your password because, for whatever reason, you directly told it to them at some point in time.

Safelight Security | Information Security Awareness Training | More Password Security

safelight_securitySafelight‘s employees are security experts who are also educators. The company combines real-world security skills with innovative adult learning methodologies, focusing on the best ways to teach information security to everyone in customers’ organizations.

Subscribe
Notify of
guest
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

0
Would love your thoughts, please comment.x
()
x