When the Powerball gets up to that crazy jackpot do you ever think of playing every combination?

/in /by

Why does the use of passwords put the overall security of the network in jeopardy?  in responding to your peers’ posts, discuss whether additional measures could have been taken in order to reduce the threat potential. BELOW ARE FIVE PEER POST TO REPOND TO.

 

 1.B) Passwords put the overall security of a network in jeopardy because they can be accessed by someone that is unauthorized.  A password can be guessed, stolen, or even shared.  (Shinder, 2003)

There are a ways that hackers can gain access to passwords.  Below are a few.

  • Brute force – If at first you don’t succeed try, try, again.  This type of attack just goes through every possible combination.  When the Powerball gets up to that crazy jackpot do you ever think of playing every combination?  (O’Donnell, 2017)
  • Dictionary threat – In a dictionary attack the attacker tries to breach the security by just going through every word in their dictionary to see if it gets a hit on the decryption key and gains access to the data.   (Techopedia, 2017)
  • Rainbow tables – a bunch of pre-computed tables that contain possible passwords with hash values.  These tables allow reversing of the hashing functions and gain access.  Rainbow tables tend to be faster than the other 2 methods I mentioned but they take up a lot more space.  (O’Donnell, 2017)

 

My current LAN password at work showed an online attack scenario of 1.83 billion centuries, offline of 18.8 centuries and 1.83 years for massive cracking array.  A normal lazy password (asdfghjkl) came up with an online of 1.80 centuries, offline of 56.47 seconds and massive cracking of .0565 seconds.   A password of 123456 is a fraction of the lazy password mentioned above.    Anytime I added some kind of combination of numbers or symbols to go with uppercase or lowercase letters those timings got larger.  My LAN password at work has a symbol and then is a mix of numbers and letters.  It could probably be even more complex but I have been there for 20 years and we have to change it every 90 days.  I have run out of things to use as a password.

 

2.H) One of the most popular ways to compromise a password is to simply ask for it. Yes. Social Engineering, in terms of technology is the manipulation of people into doing something that divulges personal or confidential information. Example, you get a call at work from someone claiming to be from the IT Department or working with the IT Department and needs to ask you some questions to help assist with a network issue they are having. They sound convincing, they can even spoof the phone number so it looks like it is coming from your company. Malware is another technique used to get your password. A user downloads malicious code that puts a key logger on your computer and the attacker has all your login credentials. Open wireless networks can be a heaven for criminals trying to steal your information. Packet sniffing on an unsecure wireless network is another tactic that can be used to compromise your password. Because password polices are not implemented and enforced, attackers can simply try to guess the password. People are still creatures of habit and sometimes they stick with things that just makes their life easier, not necessarily safer. 12345, QWERTY, password, and 123456789 are some of the most popular passwords that are used. (Smith, 2011)