How people get your passwords
Posted January 10, 2012
Here’s a riddle for you: What can be short or long, tall or small, and made up of a bunch of characters? You guessed it! It’s a password. From upper-case letters to numbers and symbols, passwords are defined by the characters you use to make them.
Over the next few episodes, we’re going to talk about passwords and security questions. These basic questions allow you to access your most confidential and private data. And yet, most people don’t give much thought to their passwords to begin with. That allows hackers to figure out your password, which is just like giving a stranger access to everything you have online.
Before we get into making a good password, we’re going to talk about how hackers actually get your password to begin with. There are four main ways they use.
-The first is the most obvious: They steal it. Ever enter your PIN code at the grocery store in front of other customers in line? It’s the same concept. Anyone can look over your shoulder and watch you type it in. Some simply write down their passwords and leave it right next to their machine!
-Guessing. Study after study shows that people often use incredibly easy-to-guess passwords. Men often choose four-letter obscenities as their passwords. Women, on the other hand, are far more likely to use the names of a loved one or a birthdate or anniversary.
-Brute force attack. This is a process in which a computer program runs through every possible combination of letters, characters, and numbers to crack a passcode. Modern technology allows this to be done fast. A six-character passcode can be cracked in as little as 13 minutes by a high-performance computer.
-Finally, there’s a dictionary attack. This method is a bit smarter than a brute force attack. As its name indicates, a dictionary attack uses a program that tries every word it knows to see if it matches anything in your password. Even adding a number at the end, like “Indiana812” does little to strengthen your password.
Today we’ve covered some of the ways hackers can steal your passwords. Now that you know the basics, we’ll walk you through other important things to know about protecting yourself online.
Look for those episodes on our website, at www.securitymatters.iu.edu