Monday, June 27, 2011

cracked ya.... like an egg...

alright.. it's been too long, i know.. i had intended to do this weeks ago, but have been sidetracked with other things. then i got on yahoo today and saw a post about my idea, so i figured, now is a good time to get back on track with the blog world.

today's topic...... passwords! we use them all the time, but just because we have one, doesn't mean it is a good one. and really, we SHOULD have more than one password that we use. right? now nod altogether with me, "right".

you'd probably be surprised by how easily many of your passwords can be hacked. there are lists out there that hackers have compiled with the most used passwords. HERE is just one list as an example. if your password is on that list... chaaaaaaange iiiiiiiit! "123456" is not a good password! nor is using "password" or "qwerty"! that's just leaving yourself open to being hacked. why would you go and do that to yourself!? unless you're putting a password on something you don't mind someone getting into, you better get creative and strength up your lockdown. or, if you don't mind someone getting into your bank account and stealing all your money and then continuing on to steal your identity, by all means... go ahead and leave your weak password for the sake of it being easy to remember and type in.

so now is where you say, 'ok layne... i get the scolding... how do i make a good password!?' for starters, make sure it is AT LEAST 8 characters long, though the longer the better. those characters should be comprised of uppercase, lowercase, numbers, and to make it extra secure, throw in some special characters (you know *&^%$#@). the key is variety and non-typical sequences, like capitalizing the 3rd and/or 5th letter in your password, and replacing certain letters with numbers and/or special characters, such as nuMb3r$ (i know that's only 7 characters... you get the idea though).

why is variety important you ask? remember back in high school math classes when you had to figure out how many combinations of a certain sequence you could make? this now applies to your passwords. there are 26 letters in the alphabet. using only lowercase letters for an 8 character password, that gives you 208,827,064,576 combinations of possible sequences. now... add 26 uppercase letters into the mix. that gives you roughly 53,459,728,530,000 sequences! then add in 10 numbers...... 218,340,105,600,000.* ok.. this is getting to be too much math for me*... then add in, lets say, 10 special characters (even though there are more).. 722,204,136,300,000. *head explodes from too much math* see what i mean? and that's with only 8 characters! combining them all with a larger amount of characters gives you a better chance of having an uncrackable password... well... at least a stronger password.

what your password actually is makes a difference too. if you use your kids name and their birthday, you have a good chance of someone guessing that. though the password may be over 8 characters, containing upper and lower case, as well as numbers, that is information that most people can figure out and try by the information they obtain from your facebook. so, your birthday, you spouses birthday, your anniversary, your favorite vacation spot, your mothers maiden name, don't make for good passwords!

guess i should explain how The Malicious Ones go about cracking your passwords in the first place. sometimes they use what is called a dictionary attack, which is actually typing in different passwords they think it could be. there are many lists out there that hackers have compiled of the most used passwords. this is where unique passwords come in handy. a hacker probably isn't going to guess the 2 most random words you could think of that has a mix of upper, lower, numbers and special characters all mixed together and that is 12 characters long.  they're probably going to use their list i mentioned above and put all those in first though. or they're going to use information they know about you and try different combinations of that.

another way the TMO's hack is by using their computers to do the work. and trust me, those guys can have some pretty powerful computers. this is called brute force. they use their computers to test combinations, and sometimes, it doesn't take long at all. computers have the ability to try every combination possible in a very short amount of time. sometimes even more than a million a second. for a first hand example, dan was given a computer that was having problems by a co-worker to fix. the co-worker forgot to give dan the password to log into the computer to be able to start solving the problem, so dan decided to test out his skills. once he got everything set, it took his computer 15 seconds to crack the password. now granted, the password was a 7 digit number,  but if your password is a 7 digit number, it can happen that fast as well, and his computer was only processing about 500,000 combinations a second.

thirdly, the attacks can be non specific. as many of you probably saw on the news, sony's system was hacked recently. hackers gained log in information and passwords, as well as other account information. in this case, even the strongest password isn't safe. while the hackers weren't specifically after me, they do now have my password.  which brings me to my final point.....

now that you know how to make a good password, make at least 5 more. you should not use the same log in passwords for every online account you have. think about it... if someone manages to hack your facebook password, they now have your bank password, and your credit card password, your paypal password, etc. i recommend using as many different passwords as you can remember. if you have trouble remembering them, write them down, and keep them in a safe, private place. it is also recommended that you change your passwords a few times a year.

so.... go on already...go through your passwords and do some updating to them!

No comments:

Post a Comment