5 MOST COMMON PASSWORD CRACKING TECHNIQUES AND THEIR COUNTER MEASURES
There are various techniques to get access to your mails or accounts by hacking them which can be done by hacker. This article going to help you to protecting your online accounts from hacking.
- BRUTE FORCE ATTACK
Brute force attack consist of any number of probable combinations of numbers, letters and special characters up to the right password is match. Hackers can crack any sort of password by brute force attack. Brute-force attacks can takings very long time dependent upon the difficulty of the secret word. The cracking time is determined by the performance and speed of computer and complexity of the password.
[ad type=”banner”]Countermeasure:
You should set long passwords which are a mixture of lowercase uppercase special character and numbers. Brute-force attack will take hundreds or even thousands of years to crash such complex and long passwords.
-
SOCIAL ENGINEERING
With this technique a person can get access to your password by manipulating to trust him and then you grant your password yourself. For example, if the hacker was trying to get the password of a co-workers or friends computer, he could call him pretending to be from the IT department and simply ask for his login details. Sometime hackers call the victim pretending to be from bank and ask for their credit cards details. Social Engineering can be used to get someone password, to get bank credentials or any personal information.
Countermeasure:
If someone asks you for a password and pretends to be someone you must first confirm his/her identity by asking few questions. In this way you will not fall in a trap.
[ad type=”banner”]-
KEYLOGGERS AND RATS
In this method the hacker send keylogger to the victim. With this the hacker has the power of monitoring everything that the victim does on his/her system. Every keystroke is logged including passwords. Moreover hacker can even control the victim’s computer.
Countermeasure:
If it’s important use on-screen or virtual keyboard while tying the login. Use latest anti-virus software and keep them updated. Check out below article to know more about Rats and Keyloggers.
-
PHISHING
It is the most popular and easiest way to have someone’s account details. In this the hacker sends a fake page that looks just like the original one like of Facebook or Gmail to the victim.
When someone logins through that fake page the details will be sent to the hacker.
Countermeasure:
It’s easy to avoid phishing attacks. The URL of this phishing pages are different from the real one. For example URL of phishing page of Facebook might look like facbbook.com (As you can see there are two “b”). Always make sure that websites URL is correct.
[ad type=”banner”]-
RAINBOW TABLE
This table is a list of hashes that has been pre-computed for possible combination of characters. Password hash is the password which has been gone through a mathematical algorithm like md5. It is a one way encryption technique in which if once a password is hashed you cannot get back to the original string. It is almost similar to dictionary attack, the only difference is, in rainbow tables attack hashed characters are used as passwords whereas in dictionary attack normal characters are used as passwords.
Example: ‘hello’ in md5 is 5d41402abc4b2a76b9719d911017c592 and zero length string (“”) is d41d8cd98f00b204e9800998ecf8427e
Countermeasure:
Use long and difficult passwords because creation of these table will need a longer time and hug resources.