DO U WANT TO KNOW HOW HACKERS CRACK PASSWORD

Published by Akshaya.Balineni on

computer hacker is any skilled computer expert that uses their technical knowledge to overcome a problem. While “hacker” can refer to any skilled computer programmer, the term has become associated in popular culture with a “security hacker”, someone who, with their technical knowledge, uses bugs or exploits to break into computer systems.

FEW WAYS HACKERS STEAL PASSWORDS

Some companies have lists of plain-text passwords, while security-conscious enterprises generally keep their password files in hashed form. Hashed files are used to protect passwords for domain controllers, enterprise authentication platforms like LDAP and Active Directory, and many other systems, says Brian Contos, CISO at Verodin, Inc.

These hashes, including salted hashes, are no longer very secure. Hashes scramble passwords in such a way that they can’t be unscrambled again. To check if a password is valid, the login system scrambles the password a user enters and compares it to the previously hashed password already on file.

“Given enough time and resources, you can crack any password. The difference is whether it takes hours, days, or weeks”.

  1. Mass Theft– Well, guess what—more than 60% of people use the same username and password for all their accounts. Hackers run programs that enter stolen username and password details on tens of thousands of sites until one hits. Then they have access to your accounts and credentials. If you use the same username and password on all accounts, that can leave you extremely vulnerable. If you use different, complex passwords, though, it’s near impossible to remember everything, which is what makes some people just write them down, defeating the purpose. Others just use the same old password on everything. The new HyperFIDO U2F token protects you from those kinds of attacks while making sure you never have to remember or come up with a complicated string of digits and symbols just to keep your accounts secure.
  2. Wi-Fi Traffic Monitoring Attacks– Have you ever connected to a public Wi-Fi and logged into any accounts? Then your password could’ve already been stolen. A common attack is Wi-Fi traffic monitoring, where a hacker uses a simple application that can easily be downloaded from the internet for free to watch all traffic on a public Wi-Fi network. Once you enter your username and password, the software notifies them and the hacker intercepts the information. Simple as that—they now have your username and password for that site. It only takes a few more minutes to use a program like the one above to try other sites you may have used the same password and login combination on. Pretty soon, they’ve got access to a whole swath of your information and it’s only a matter of time for them to get the rest.
Play Video
3. Phishing Attacks Type 1: Tab Nabbing – Phishing attacks over the years have become more sophisticated. Say it’s your bank, and to confirm your purchase on your debit card, they ask you to click on a link. The website looks legit, but it’s actually a fake site that looks exactly like the real site—hence, they’ve “nabbed” your tab. When you enter your credentials, the site redirects you to the real site. Boom, they have your info. In some cases, the fake site will ask for additional info including Social Security or Social Insurance Number. I actually went into my bank and asked them under what circumstances would I get a call or email from them, after getting several emails and calls claiming to be from my bank. I wanted to know what a legitimate correspondence would look and sound like. My bank assured me that I would NEVER receive correspondence from them via email and if they called, it would be a person from my local branch unless I had requested a call back from one of their service departments. 

 “Beware of links in dodgy emails.”

4. Phishing Attacks Type 2: Key Logger Attacks – Mostly this occurs when you get that dodgy email, click it, and then click the ever-so-interesting attachment and unbeknownst to you, a malicious JavaScript is injected into your browser. SURPRISE!! Without your knowledge, every detail you type, including username and passwords, are recorded and sent to the hacker. Back in 2006, fake e-greeting cards were very popular with hackers for injecting key loggers into your browser. You get this lovely e-greeting expecting a nice holiday message and instead you get hacked and all the little hacker children get iPads for Christmas. 

Security is Everyone’s Job

Of course, the responsibility to keep our confidential information is secure does not rest solely on our shoulders. Yes, we need to make sure we are not needlessly giving access to hackers, but we also need to make sure that websites, companies, and other individuals with access to our sensitive information are doing their part to keep our information secure.

Categories: HACKING

0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *