flipkart

Wednesday, January 29, 2014

5 Password Myths You Should Stop Believing

1. A file, folder, computer, or
account protected by a password is
safe.
Read the rest of the article and
learn why that statement is no
longer true.
2. Your passwords are secure as long
as you only deal with reputable
online businesses.
Big online businesses that serve
tens of millions of customers
worldwide are expected to hold a
treasure trove of personal
information – the favorite diet of
identity thieves. Therefore, these
companies are always in the
crosshairs of the world’s most
highly-skilled hackers.
Take these recent examples, for
instance:
LinkedIn - A file with 6.5 million
passwords from LinkedIn accounts
appeared in an online forum based
in Russia.
Yahoo - 450,000 usernames and
passwords from Yahoo! were posted
online.
Sony (Playstation) - This massive
breach involved 77 million Sony
Playstation user accounts containing
passwords and other personal
information.
Reputable businesses like LinkedIn,
Yahoo! and Sony should be
implementing the strongest security
countermeasures available. But even
these are not strong enough to
withstand attacks all the time…
3. A password input box that
obscures characters as you type
hides your password from prying
eyes.
The dots or asterisks displayed on a
password input box are just meant
to prevent people near you from
seeing what you’re entering in
there. How the password is actually
stored or sent is a different story.
4. “Strong” passwords are difficult to
compromise.
Even if your password is long and
complex (e.g. a combination of
uppercase and lowercase letters,
numbers and other non-alphanumeric
characters), if it is stored or sent
in plaintext, you’re toast if the
hackers get hold of it.
Plaintext means it can be viewed
exactly the way it has been entered,
using easily accessible tools. For
example, if your password is
Super$ecretp@Ss, a free downloadable
tool like Ettercap enables your
password to be viewed exactly in
that form: Super$ecretp@Ss.
If, however, your password is
encrypted, it means that it has been
scrambled; it cannot be viewed
using the same tool (Ettercap). It
might be displayed something like
this: xt%y&1sm^*gt;>2.
Unfortunately, many software
applications still store and send
passwords in plaintext. That is why
hackers still find the first three
items in the next section so
effective.
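
What a plaintext password store gives away compared with a protected one, as an added example that is not from the original article. It swaps reversible encryption for a salted PBKDF2 hash, the usual way to store passwords; the account names, record layout and iteration count are assumptions made for the demo.

```python
import hashlib
import hmac
import os

SAMPLE_PASSWORD = "Super$ecretp@Ss"   # the article's example password
ITERATIONS = 600_000                  # assumed PBKDF2 work factor for this demo


def store_plaintext(db, user, password):
    """Weak: the record is the password exactly as it was typed."""
    db[user] = password


def store_hashed(db, user, password):
    """Keep only a per-user random salt and the PBKDF2-HMAC-SHA256 digest."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    db[user] = salt.hex() + "$" + digest.hex()


def verify_hashed(db, user, candidate):
    """Recompute the digest with the stored salt and compare in constant time."""
    record = db.get(user)
    if record is None:
        return False
    salt_hex, digest_hex = record.split("$")
    digest = hashlib.pbkdf2_hmac(
        "sha256", candidate.encode(), bytes.fromhex(salt_hex), ITERATIONS
    )
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))


def exposed_passwords(db, known_password):
    """Accounts whose record reveals the password to anyone reading the store."""
    return [user for user, record in db.items() if known_password in record]


if __name__ == "__main__":
    weak, strong = {}, {}
    for user in ("alice", "bob"):          # hypothetical accounts, same password
        store_plaintext(weak, user, SAMPLE_PASSWORD)
        store_hashed(strong, user, SAMPLE_PASSWORD)
    print("plaintext store:", weak)
    print("hashed store:   ", strong)
    print("readable in plaintext store:", exposed_passwords(weak, SAMPLE_PASSWORD))
    print("readable in hashed store:   ", exposed_passwords(strong, SAMPLE_PASSWORD))
    print("login still works:", verify_hashed(strong, "alice", SAMPLE_PASSWORD))
```

Because each record gets its own salt, two accounts with the same password produce different stored values, so a copied store does not even show which users share a password.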
5. Hackers use sophisticated tools to
steal your password.
Actually, many successful hackers
don’t require sophisticated tools to
acquire passwords. Some simply use
crafty conversational skills. In the
highly publicised hacking of Wired
Senior Writer Mat Honan, the
hackers made extensive use of social
engineering, a technique that relies
heavily on the art of deception