The simpler the password, the easier it is to hack
A recent study showed that four test Linux computers set up with simple passwords had to "confront" 270,000 attacks, at a density of 39 attacks every 39 seconds, over 42 consecutive days.
These open source systems were intentionally left open by a researcher at the University of Maryland (USA) to find out how hackers attack such computers.
Among the results, the researchers found that simple 'indirect' passwords make hackers' jobs more convenient. The study also shows that carefully chosen usernames and their accompanying passwords can make a big difference in whether or not hackers break into someone's computer.
Many computer users set a password that is "easy to remember" and forget about the need for high security.
This study was led by Michel Cukier, an assistant professor of computer engineering. Cukier's goal is to find out how hackers act when attacking a computer system - and their next steps once they have entered the system.
The study recorded the most popular keywords that hackers, using software tools that help guess usernames and passwords, tried in their efforts to log in to the system. Cukier and his two students discovered that most attacks are carried out with dictionary scripts that run through a list of common logins and passwords to break through the computer's first barrier.
Of all the attacks, 825 basically succeeded, letting hackers take complete control of the system. The study was conducted from November 14 to December 8, 2006.
Cukier was not surprised by the results. In these attacks, 'root' was the username most often guessed by the dictionary scripts, accounting for 12.34%, while 'admin' accounted for 1.63%. The word 'test' accounted for 0.84% and 'guest' for 0.84%.
The dictionary scripts tried a password identical to the username 43% of the time to open a way into the system, Cukier said. The reason, according to him, is that hackers always try the simplest combinations because these really do often match.
Once in the system, hackers have control of many basic functions, including checking the software configuration, changing passwords, checking the hard drive and/or the software configuration again, downloading a file, installing the downloaded program and then running it.
For IT security workers, this study has strengthened the perception: 'Simple passwords are a headache,' Cukier said.
At the University of Maryland, users have been advised to set passwords of at least 8 characters, with at least one capital letter and one lowercase letter, and it is recommended that at least one character be a digit or a punctuation mark. All passwords should be changed once every 180 days.
'This measure is really reasonable,' Cukier said. 'Passwords that are too complex will not be useful, because people cannot remember them and (as a result) write them down on a note that is attached to the computer screen.'
Users can use the title of a favorite book to set a password, or even the first characters of a timeless saying, he said. 'With these passwords you can remember them easily without having to write them down on paper.'
Anh Thu
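The following check is an added example, not part of the original article or the study: it combines the University of Maryland password guidance quoted above with the study's finding that dictionary scripts try the username as the password. The function names, the treatment of trailing digits and punctuation as decoration, and the sample accounts are assumptions made for illustration.

```python
import string

# Login names the article reports as most often guessed by dictionary scripts.
COMMON_GUESSED_NAMES = {"root", "admin", "test", "guest"}
DECORATION = string.digits + string.punctuation


def password_problems(username: str, password: str) -> list[str]:
    """Return the policy violations for one account; empty list means acceptable."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not any(c.isupper() for c in password):
        problems.append("no capital letter")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if not any(c.isdigit() or c in string.punctuation for c in password):
        problems.append("no digit or punctuation mark")
    # Assumption: "Alice2006!" is still the username with decoration, so
    # strip leading/trailing digits and punctuation before comparing.
    core = password.casefold().strip(DECORATION)
    if username and core == username.casefold():
        problems.append("password is the username")
    if core in COMMON_GUESSED_NAMES:
        problems.append("password is a commonly guessed login name")
    return problems


def audit(accounts: list[tuple[str, str]]) -> dict[str, list[str]]:
    """Map each failing username to its list of problems."""
    report = {}
    for user, pw in accounts:
        found = password_problems(user, pw)
        if found:
            report[user] = found
    return report


# Constructed sample accounts (not data from the study).
SAMPLE_ACCOUNTS = [
    ("root", "root"),
    ("alice", "Alice2006!"),
    ("bob", "Admin123"),
    ("carol", "TheGreatGatsby.1925"),
]

if __name__ == "__main__":
    for user, found in audit(SAMPLE_ACCOUNTS).items():
        print(f"{user}: {', '.join(found)}")
```

Run at password-change time, before hashing, so that passwords which satisfy the character rules but are still username-derived are rejected.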