Internet Passwords – a Look From Inside!

You know, it has occurred to me recently that our life consists of passwords. Credit cards, user accounts, safety deposit boxes - you need passwords to gain access to all these things. Well, you'd think they prevent your private life from being hacked into, but I have to quench your hopes a little bit.

I'm sure that an average person doesn't mind visiting different forums and chats. Neither do I. We don't think that it can be dangerous. Just remember the standard procedure of creating an account: you're required to provide an e-mail address for receiving an activation code or link or whatever. After some time, a letter comes and the developers are happy to welcome you to their website. What do we have? A forum and a promise that it is totally secure. And what does a hacker have? The PHP and SQL protocols and their vulnerabilities, and everything he needs to crack the password and hack into your account.

There are some common myths associated with passwords:

1. Changing a password will protect you from it being stolen. I'm sorry but it's not true. An experienced hacker knows a lot of ways to crack a password regardless of its recency.

2. Long password with combinations of letters, symbols and numbers are totallz uncrackable. Same thing - it's hardly an obstacle for an Internet genius. The so-called dictionary attacks are less common nowadays.

3. Only experienced nerds with extraordinary knowledge can hack your account. Come on! A 13-year-old could hack Paris Hilton's cell phone (well, it was actually broken into by a 21-year-old, but the point stands)!

PasswordPassword

Let's return to our forum hacker. You've logged in somewhere and your e-mail is known. You may think, 'Ok, but I have a super-secure password!' Don't nourish the hope that you're safe. There are a lot of ways to circumvent passwords without actually cracking them. The easiest one is to use the option of resetting the password through a secret question. As a rule, a secret question and its answer contain some simplest information, basically the first thing that comes to your mind. And as a rule it's something that a hacker can easily guess. And even if he doesn't want to play this game, he can find a program that will help him crack an account and divulge all the necessary information. Programs that help hackers do that work as follows: you send a module to a 'victim' via e-mail, and it will scan all the information and make screenshots.

Here are some useful tips for keeping password (and, in turn, your account) secure:

1. Make your password more diverse: different big and small letters that don't make any particular sense, numbers and symbols. If it doesn't completely prevent your password from cracking, it will at least make the hacker work for it.

2. Use different passwords for different websites and accounts (I can't force myself to do it, though). If you're afraid to forget all these strings of symbols, use special programs for storing your passwords, like for example SCARABAY.

3. Make answers to your secret questions more sophisticated, something that is hard to guess.

These simple steps will at least put some obstacles in hacker's way and more or less prevent your computer from attacks.

Have you ever been hacked?

Comments

As a rule, a secret question and its answer contain some simplest information, basically the first thing that comes to your mind. And as a rule it's something that a hacker can easily guess. And even if he doesn't want to play this game, he can find a program that will help him crack an account and divulge all the necessary information. Programs that help hackers do that work as follows: you send a module to a 'victim' via e-mail, and it will scan all the information and make screenshots.

 –  8 years ago  –  Was it helpful? yes | no (0)

It's such a problem when you're hacked. You need to change a password, confirm it through your email...

 –  8 years ago  –  Was it helpful? yes | no (+1)
Ann

Yes, but really try to do my best to avoid such things.

 –  8 years ago  –  Was it helpful? yes | no (-1)
Marisa Therezza

Sometimes it happens. Now I feel a bit scared as no personal account is secure against intrusion. I hate this idea)

 –  8 years ago  –  Was it helpful? yes | no (0)

I agree that there are a lot of ways to steal a password and we can't prevent ourselves from it. I think we just should be more careful and use different passwords for different sites and forums. Otherwise it will be too easy for hackers to know all necessary information.

 –  8 years ago  –  Was it helpful? yes | no (+1)
Muhammad Hassan

Almost.

 –  8 years ago  –  Was it helpful? yes | no (+2)

Yup. An instant message from a trusted friend popped up as I began to type my password to log into my email account, and for the next month my friends were getting phishing links via IMs sent from my account. Thankfully, one of them eventually let me know this was going on, and I was able to terminate the foul play by changing my password.

 –  8 years ago  –  Was it helpful? yes | no (+2)

Moral of the story-- watch the screen, not the keyboard, when logging in! Make sure you've typed in the proper window before hitting ENTER.

 –  8 years ago  –  Was it helpful? yes | no (+1)
D. Yessa

Ain't you a hacker? If no — what's the reason not to mention the most common way to steal all of your passwords? Thousands of passwords are stealed every day (hundreds of thousands — in lucky days). And neither of your tips would have effect.

I mean trojans and other stuff getting through OS vulnerabilities that appear every several weeks (as for Windows) or every several months (as for OS X and Linux) uncatchable by antiviruses. Are you sure the device you're using now has Automatic Updates turned on?

 –  8 years ago  –  Was it helpful? yes | no (0)
Keath_Wyszynski

Well, there are virtually no ways to prevent stealing your passwords from the Web as many network procotols transfer them in clear text, which is definitely not good. I mean, you secure your passwords on your own machine, that's true, but as soon as you start surfing on the Web, you can't control how they are transmitted or stored, and I think that is the weakest point of any security policy nowadays.

 –  8 years ago  –  Was it helpful? yes | no (+1)
D. Yessa

No, passwords are usually transfered in secure way. Every popular site requiring authentification (Google, Facebook, Twitter) uses SSL by default.
On the other hand, if you use Windows, you even don't need to know admin password to install a keyboard spy!

 –  8 years ago  –  Was it helpful? yes | no (0)
Keath_Wyszynski

Facebook and Google and Twitter? D'accord, they do encrypt your data. But when somebeody hacks the Steam user base and finds out they have been stroing their users' authentication information in clear text... You get it =-)

 –  8 years ago  –  Was it helpful? yes | no (+1)
D. Yessa

I thought the question was about methods of ensuring security by *me*

 –  8 years ago  –  Was it helpful? yes | no (-1)
Keath_Wyszynski

The problem is that no matter what you do they always can get you. Sad but true.

 –  8 years ago  –  Was it helpful? yes | no (+2)