ID THEFT - PREVENTION, DETECTION, RECOVERY - A SERVICE OF KNIGHTSBRIDGE CASTLE: CRACKING PASSWORDS

Wednesday, October 11, 2006

CRACKING PASSWORDS – EASIER THAN YOU THINK

Passwords and PIN’s are our primary defense in protecting our personal security in personal systems as well as in commerce. Unfortunately, breaking these codes is easy. There are three common techniques for breaking your password and stealing your information or commercial accounts.

Dictionary or Brute Force attacks – these attacks use word frequency dictionaries and simply submit one common word after another until the logon is accepted. In the early 70’s when this author was a young programmer my password was “dog”. Today’s powerful servers and PC’s would have cracked open my old accounts in less than a second.

Rainbow Table attacks – these attacks use a technique which constructs a chain of possible passwords. Each chain contains randomly selected “guesses” of passwords and then successively applies a hashing technique and reduction function to search for a valid password. Failed password guesses are discarded and new random guesses constructed through the creation of a “rainbow table”. This table takes time and memory to build, but must only be built once at which point, it can then very quickly recover unknown passwords.
With the growth of on-line accounts we are all having trouble remembering passwords. The most common call to help desks is for forgotten passwords. Therefore we tend to fall into an all too common trap – we create a basic easily remembered short password and we use it for many accounts. The easily remembered password is usually a common English language word or a variant on that word. We all know the need for adding special characters, but few of us do so. Your keyboard has 64 characters on it and another 104 non-alpha-numerics. Both of the above techniques will search the character strings first. By including many of the other 104 keyboard elements you make these techniques much more complex and more time consuming.
Here are some poor passwords easily cracked but easy to remember.

alphabeta
abouttown
speedlimit

Here are some far more difficult passwords to crack but probably more difficult to remember.

$,H&aNlo*>>
M#ar”tin
Over64$easy^^TOn(=12

About Me

Name: KnightsBridge Castle

Location: Woodside, California, United States

Our Blog is updated each weekday. Information about KnightsBridge Castle, a California corporation, may be found on our website at www.KnightsBridgeCastle.com Our Blog experts include: -- Eric Drew – Nationally recognized spokesman for Identity Theft Victims. Featured on CNBC, NBC Dateline, MSNBC, and in extensive press coverage. Learn from Eric’s hard won techniques of identity theft recovery. -- Tim Logan – identity fraud specialist with a wealth of knowledge about cyber crime and cyber abuse. Published author of the “Identity Theft Resource Guide” and articles for West Publishing (a leading legal publisher) on electronic document discovery. Member Association of Certified Fraud Examiners. -- Dr. Richard Blum – Stanford and Cambridge University Professor of Law and Medicine and expert on financial crimes. Author of over 80 books and articles on criminology. -- Mark Otto – Case specialist at KnightsBridge Castle – an expert on everyday crime fighting from the trenches. Mark is an expert on detection and recovery and a leader in detecting new trends in identity theft.

ID THEFT - PREVENTION, DETECTION, RECOVERY - A SERVICE OF KNIGHTSBRIDGE CASTLE

Wednesday, October 11, 2006

CRACKING PASSWORDS – EASIER THAN YOU THINK

1 Comments:

Questions About Identity Theft?

We are available to chat online from 10:00am to 3:30pm PST M-F

About Me

Previous Posts

Add Feed To Your Favorite Browser

Subscribe for RSS feed.