Help to keep hackers at bay
Tuesday, September 15th, 2009
Think you’ve secured yourself against online hackers with a foolproof password?
Well, think again, because with the number of reported hack attacks on the rise, hackers are getting even craftier at cracking those codes.
But fear not, here at DpiVision we’ve been busy trawling the Internet to find out ways to keep hackers at bay and we’ve stumbled across web geek John P’s top tips on protecting yourself from online crime.
After extensively researching the subject, John’s pretty clued up on how to smash those passwords you and I reckon are rock solid, and now he’s using his knowledge to help fellow friends online.
His first tip is to ditch obvious passwords like your partner, pet or sibling’s name.
Avoid naming your password after your hometown, school or favourite football team, and don’t use dates of birth.
Secondly, use a different password for each log-in you set up.
Many people make the mistake of using identical or similar passwords for all online accounts, meaning that hackers don’t need to take on steel-ringed websites like banks; they can just hack into the softer site you used years ago to buy your aunt that hat.
Pay particular attention to the difference between using only lowercase characters and using all possible characters (uppercase, lowercase, and special characters – like @#$%^&*). Adding just one capital letter and one asterisk would change the processing time for an 8-character password from 2.4 days to 2.1 centuries.
| Password Length | All Characters | Only Lowercase |
|---|---|---|
| 3 characters | 0.86 seconds | 0.02 seconds |
| 4 characters | 1.36 minutes | .046 seconds |
| 5 characters | 2.15 hours | 11.9 seconds |
| 6 characters | 8.51 days | 5.15 minutes |
| 7 characters | 2.21 years | 2.23 hours |
| 8 characters | 2.10 centuries | 2.42 days |
| 9 characters | 20 millennia | 2.07 months |
| 10 characters | 1,899 millennia | 4.48 years |
| 11 characters | 180,365 millennia | 1.16 centuries |
| 12 characters | 17,184,705 millennia | 3.03 millennia |
| 13 characters | 1,627,797,068 millennia | 78.7 millennia |
| 14 characters | 154,640,721,434 millennia | 2,046 millennia |
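The arithmetic behind the table, as an added example that is not from John's blog or from DpiVision: worst-case search time is the alphabet size raised to the password length, divided by the guess rate. The rate of 1,000,000 guesses per second and the 95-symbol printable-ASCII set are assumptions, chosen because together they reproduce the table's 8-character row; all function names are hypothetical.

```python
import string

# Assumptions (not stated on the page): 1,000,000 guesses per second and a
# 95-symbol printable-ASCII set; together they reproduce the 8-character row.
GUESSES_PER_SECOND = 1_000_000
LOWERCASE = set(string.ascii_lowercase)                      # 26 symbols
ALL_CHARACTERS = set(string.ascii_letters + string.digits
                     + string.punctuation + " ")             # 95 symbols

YEAR = 365.25 * 86400
UNITS = [("millennia", 1000 * YEAR), ("centuries", 100 * YEAR), ("years", YEAR),
         ("months", YEAR / 12), ("days", 86400), ("hours", 3600), ("minutes", 60)]


def alphabet_size(password):
    """Pick the table column: 26 for lowercase-only, otherwise all 95."""
    chars = set(password)
    if not chars or not chars <= ALL_CHARACTERS:
        raise ValueError("expected a non-empty printable-ASCII password")
    return len(LOWERCASE) if chars <= LOWERCASE else len(ALL_CHARACTERS)


def worst_case_seconds(alphabet, length, rate=GUESSES_PER_SECOND):
    """Seconds to try every string of exactly `length` symbols."""
    return alphabet ** length / rate


def humanize(seconds):
    """Express a duration in the largest unit that fits, as the table does."""
    for name, span in UNITS:
        if seconds >= span:
            return f"{seconds / span:,.2f} {name}"
    return f"{seconds:.2f} seconds"


def estimate(password):
    """Exhaustive-search bound only: names and dictionary words fall far
    sooner, as the page's tip about brute force and dictionaries notes."""
    return humanize(worst_case_seconds(alphabet_size(password), len(password)))


if __name__ == "__main__":
    for sample in ("abcdefgh", "Abcdefg*"):   # constructed sample passwords
        print(sample, "->", estimate(sample))
```

Raising `rate` to match faster hardware shrinks every figure by the same factor, so the gap between the two columns stays the same while the absolute times do not.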
John has also compiled a list of tips to toughen up your password:
1. Randomly substitute numbers for letters that look similar. The letter ‘o’ becomes the number ‘0’, or even better an ‘@’ or ‘*’. (e.g. – m0d3ltf0rd… like modelTford)
2. Randomly throw in capital letters (e.g. – Mod3lTF0rd)
3. Think of something you were attached to when you were younger, but don’t choose a person’s name! Every name plus every word in the dictionary will fail under a simple brute force attack.
4. Maybe a place you loved, or a specific car, an attraction from a holiday, or a favourite restaurant?
5. You really need to have different username / password combinations for everything. Remember, the technique is to break into anything you access just to figure out your standard password, then compromise everything else. This doesn’t work if you don’t use the same password everywhere.
6. Since it can be difficult to remember a ton of passwords, John recommends using Roboform. It will store all of your passwords in an encrypted format and allow you to use just one master password to access all of them.
7. Once you’ve thought of a password, try Microsoft’s password strength tester to find out how secure it is.
To read John’s full blog, visit http://onemansblog.com/2007/03/26/how-id-hack-your-weak-passwords/
