Scribd Logo
Upload

Welcome to Scribd!

  • Password Security: How Passwords Are Cracked..

    Uploaded by

    tahhan3107
    13 views1 page

    Original Title

    1628299563931

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    13 views1 page

    Password Security: How Passwords Are Cracked..

    Uploaded by

    tahhan3107

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    Attackers use a variety of techniques to discover passwords, including using powerful tools

    Password security freely available on the internet. The following advice makes password security easier for your
    users – improving your system security as a result.

    How passwords are cracked... ...and how to improve your system security
    Interception Help users cope with
    *****
    Passwords can be ‘password overload’
    intercepted as they are
    transmitted over a network. • Only use passwords where they are really needed.
    Brute Force
    • Use technical solutions to reduce the burden on users.
    Automated guessing of
    billions of passwords until • Allow users to securely record and store their passwords.
    the correct one is found. • Only ask users to change their passwords on indication
    Average number of Average number of
    of suspicion of compromise.
    websites users access UK citizen’s online
    using the same password passwords • Allow users to reset password easily, quickly and cheaply.

    Help users generate


    Searching appropriate passwords
    Stealing
    IT infrastructure can be
    searched for electronically Passwords • Put technical defences in place so that simpler
    stored password information. Insecurely stored passwords passwords can be used.
    can be stolen – this includes • Steer users away from predictable passwords
    handwritten passwords – and ban the most common.
    hidden close to a device. Blacklist the most
    common password • Encourage users to never re-use passwords
    Manual Guessing choices between work and home.
    Personal information, such • Train staff to help them avoid creating passwords
    as name and date of birth Monitor failed login that are easy to guess.
    can be used to guess Shoulder Surfing attempts… train • Be aware of the limitations of password strength meters.
    common passwords. Observing someone typing users to report
    their password. suspicious activity

    Use account
    Prioritise administrator UPDATE
    lockout, throttling
    Social and remote user
    or monitoring to
    accounts Change all default vendor
    Engineering Key Logging supplied passwords before
    help prevent brute
    Attackers use social force attacks
    An installed keylogger devices or software
    engineering techniques to Don’t store passwords
    intercepts passwords are deployed
    trick people into revealing in plain text format.
    as they are typed.
    passwords.

    For more information go to www.ncsc.gov.uk @ncsc

    You might also like