PRESENTED BY:
SEJAL S NAIK
SUDINI N TELI
SIMRAN PADELKAR
WHAT IS IT?
• Typically facilitated through the use of software that expedites cracking or guessing
passwords.
Hackers know that many passwords are poorly designed, so password attacks will
remain a method of attack as long as passwords are being used.
HOW TO PREVENT
The best way to fix a password attack is to avoid one in the first place, i.e. by proactively
investing in a common security policy that includes:
• Remote access. Using a smart remote access platform like OneLogin means that individual
websites are no longer the source of user trust. Instead, OneLogin ensures that the user's
identity is confirmed, then logs them in.
• Biometrics. Enabling biometric authentication turns your password into only one of several
points of trust that a hacker needs to overcome.
Easy-to-hack environments that have a weak security posture are much more appealing to
opportunistic cybercriminals.
Boosting password security significantly improves your ability to avoid a data breach.
One should also limit access to privileged accounts and add additional security layers for those
accounts.
Educating everyone about password security is also a proven means of prevention.
With security breaches becoming the new norm, each individual can play a key role in maintaining
their security posture.
Password best practices include:
• Requiring long, complex passwords that are unique for each website or account
• Implementing multi-factor authentication whenever possible
• Adopting a password manager to simplify password management and to ensure secure
storage
On Sunday, January 4th, 2009, a hacker known only as GMZ used a tool he
developed to launch a dictionary attack against the account of a Twitter user
named Crystal.
The program ran for several hours overnight automatically trying different
English words. When “he checked the results Monday morning at around 11:00
a.m. E.T., he found he was in Crystal’s account.”
GMZ soon realized that Crystal was actually a Twitter staffer with administrative
privileges. He was able to compromise several high-profile accounts by resetting
their passwords and making them available to fellow hackers.
Some of these included the accounts of President-elect Barack Obama, Britney
Spears, CBS News and Fox News.
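An added example, not part of the original presentation: one way a defender could spot the pattern in the incident above (a long run of failed logins against a single account, followed by a success) in authentication events. The event format, the threshold of 10 failures and the 15-minute window are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def build_sample_events():
    """Constructed sample data: (timestamp, account, outcome) tuples."""
    start = datetime(2024, 1, 7, 22, 0, 0)  # arbitrary constructed start time
    events = []
    # Automated guessing: one failed login every 30 seconds for 2.5 hours.
    for i in range(300):
        events.append((start + timedelta(seconds=30 * i), "staff_account", "fail"))
    # The guess that finally works.
    events.append((start + timedelta(seconds=30 * 300), "staff_account", "success"))
    # An ordinary user who mistypes twice, then logs in.
    events.append((start + timedelta(minutes=5), "normal_user", "fail"))
    events.append((start + timedelta(minutes=5, seconds=20), "normal_user", "fail"))
    events.append((start + timedelta(minutes=6), "normal_user", "success"))
    return sorted(events)


def detect_guessing(events, max_failures=10, window=timedelta(minutes=15)):
    """Flag accounts with more than max_failures failed logins inside a
    sliding time window.

    Returns {account: "attacked"} when the threshold is crossed, upgraded to
    "compromised" if a successful login arrives while the window is still
    over the threshold (the guessing most likely succeeded).
    """
    recent_failures = defaultdict(deque)
    flagged = {}
    for ts, account, outcome in events:
        q = recent_failures[account]
        # Drop failures that have aged out of the window.
        while q and ts - q[0] > window:
            q.popleft()
        if outcome == "fail":
            q.append(ts)
            if len(q) > max_failures:
                flagged.setdefault(account, "attacked")
        elif outcome == "success" and len(q) > max_failures:
            flagged[account] = "compromised"
    return flagged


if __name__ == "__main__":
    print(detect_guessing(build_sample_events()))
```

The same counter can drive a temporary lockout or a forced second factor once an account reaches the "attacked" state, so the guessing stops long before the list of words is exhausted.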
PASSWORD MANAGEMENT
• set of principles
• best practices to store and manage passwords in an efficient manner
• preventing unauthorized access
HOW TO MANAGE PASSWORDS
• Use strong and unique passwords for all websites and applications
• Reset passwords at regular intervals
• Configure two-factor authentication for all accounts
• Securely share passwords with friends, family, and colleagues
• Store all enterprise passwords in one place and enforce secure password policies
within the business environment
• Periodically review the violations and take necessary actions.