Introduction to Passwords, Study notes of Computer Security

A beginner's guide to password security and how to protect against password cracking.

Typology: Study notes

2020/2021

Available from 12/19/2021

abdurraheem-abdulfattah 🇳🇬



CYBER SECURITY INTRODUCTION TO PASSWORDS – STUDY MATERIAL, DECEMBER 2021

Passwords

A password is a string of characters used to identify a user. It can be a word, a number, a name, an animal name and so on. We use passwords as a means of security to authenticate a user and avoid giving access to an unauthorized user. As an authentication factor, passwords are used on smart devices such as phones, laptops and iPads, and in web applications as a means of logging in to online accounts such as Facebook and Gmail.

Passwords are either strong or weak. Weak passwords are short (i.e. 5-8 characters in length) and simple to guess. The name of a person or an animal, a phone number, and even a pet's name are examples of weak and guessable passwords. A strong password is the opposite: it is long (i.e. 10 – 16 characters), combines all character types (numbers, letters and symbols) and is quite difficult to guess.

People are known to create passwords based on their personal information because human beings are limited by their memory capabilities. We show that personal information plays an important role in a human-chosen password by dissecting passwords in a mid-sized password dataset.

Understanding the usage of personal information in passwords and its security implications can help us further enhance password security.

Password Hacking

Password hacking is a term used to describe the process of a hacker trying to obtain unauthorized access to a system belonging to an authorized user. Since passwords were introduced to IT, cyber criminals have always found ways to get hold of other people's passwords in order to gain access to the devices and accounts of their victims. The following are ways in which passwords can be hacked:

  • Password Attack: use of computer software or tools
  • Shoulder Surfing
  • Social Engineering
  • Inference

Password Attacks: Password attacks involve the use of automated tools and computer software to crack passwords. Two of the most common ways automated tools work for password attacks are:

  • Wordlists
  • Dictionary attacks
  • Brute forcing

Shoulder Surfing: Shoulder surfing is defined as the process of spying on people while they use their smart devices such as phones and laptops. It involves the attacker standing behind the victim and looking over his/her shoulder to gather information such as the password being typed. This is the simplest way to gather password information.

Social Engineering: This is a situation where a hacker exploits the victim by socializing and establishing a friendly relationship so that the victim reveals hidden information such as his/her password, phone number and other sensitive information.

Inference: This involves an attacker trying to guess the password of the victim based on information gathered about the victim through footprinting techniques. In order to prevent inference, users need to be educated on ways to secure their passwords. Another way to prevent inference is to set your passwords so that they have nothing to do with other information such as your street address, phone number, pet name, family name, name of workplace etc.

Counter Measures to prevent password hacking:

  • Regular Security Auditing
  • Use of stronger passwords
  • Update your system regularly
  • Avoid sharing passwords with anyone.
  • Be aware of your surroundings when using your system in public
  • Avoid using words from the dictionary to create passwords
  • Use different passwords for different systems or online accounts
  • Avoid using only numbers to create a password because they can be cracked easily.
  • If your passwords are written on paper documents, store them in a cabinet and keep it locked.
  • Don’t ever give anyone physical or remote access to your system
  • Use more than one authentication method, e.g. biometrics (i.e. fingerprint), facial recognition, pattern or PIN (mostly in the case of smartphones)
  • Create password policies.
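
The countermeasures above can be turned into an enforceable password policy. The following is an added example, not part of the original notes: it checks a candidate password against the criteria the notes give (10 or more characters, letters plus numbers plus symbols, not digits only, no dictionary words, nothing derived from personal information). The word list, the substitution table, the function names and the sample user details are constructed assumptions.

```python
import re

# Constructed stand-in for a real dictionary file (assumption, not from the notes).
COMMON_WORDS = {"password", "dragon", "monkey", "football", "welcome"}
# Undo common character swaps so "P@ssw0rd" is still recognised as "password".
SWAPS = str.maketrans("@4310$5!7", "aaeiossit")


def normalize(text):
    """Lower-case, undo simple swaps, and keep only letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(SWAPS))


def check_password(password, personal_info=(), min_length=10):
    """Return the list of rules the password breaks (empty list = acceptable)."""
    problems = []
    if len(password) < min_length:  # the notes call 10-16 characters strong
        problems.append("too short")
    if password.isdigit():
        problems.append("digits only")
    required = (r"[A-Za-z]", r"[0-9]", r"[^A-Za-z0-9]")  # letters, numbers, symbols
    if not all(re.search(pattern, password) for pattern in required):
        problems.append("missing character class")
    norm = normalize(password)
    if any(word in norm for word in COMMON_WORDS):
        problems.append("dictionary word")
    # Inference check: name, pet, phone number, street and so on.
    tokens = [normalize(t) for item in personal_info for t in re.split(r"\W+", item)]
    if any(len(t) >= 3 and t in norm for t in tokens):
        problems.append("personal information")
    return problems


if __name__ == "__main__":
    # Constructed sample user details and candidate passwords.
    details = ["Bingo", "08031234567", "12 Adeola Street"]
    for candidate in ["Bingo2015", "P@ssw0rd!2021", "08031234567", "tR7#vLq9!mZx2$"]:
        print(candidate, "->", check_password(candidate, details) or "ok")
```

Both the password and the personal details pass through the same `normalize` step, so a pet name or phone number is still caught when it is re-cased or padded with symbols.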