Internet Passwords – a Look From Inside!
You know, it has occurred to me recently that our life consists of passwords. Credit cards, user accounts, safety deposit boxes - you need passwords to gain access to all these things. Well, you'd think they prevent your private life from being hacked into, but I have to quench your hopes a little bit.
I'm sure that an average person doesn't mind visiting different forums and chats. Neither do I. We don't think that it can be dangerous. Just remember the standard procedure of creating an account: you're required to provide an e-mail address for receiving an activation code or link or whatever. After some time, a letter comes and the developers are happy to welcome you to their website. What do we have? A forum and a promise that it is totally secure. And what does a hacker have? The PHP and SQL protocols and their vulnerabilities, and everything he needs to crack the password and hack into your account.
There are some common myths associated with passwords:
1. Changing a password will protect you from it being stolen. I'm sorry but it's not true. An experienced hacker knows a lot of ways to crack a password regardless of its recency.
2. Long password with combinations of letters, symbols and numbers are totallz uncrackable. Same thing - it's hardly an obstacle for an Internet genius. The so-called dictionary attacks are less common nowadays.
3. Only experienced nerds with extraordinary knowledge can hack your account. Come on! A 13-year-old could hack Paris Hilton's cell phone (well, it was actually broken into by a 21-year-old, but the point stands)!
Password
Let's return to our forum hacker. You've logged in somewhere and your e-mail is known. You may think, 'Ok, but I have a super-secure password!' Don't nourish the hope that you're safe. There are a lot of ways to circumvent passwords without actually cracking them. The easiest one is to use the option of resetting the password through a secret question. As a rule, a secret question and its answer contain some simplest information, basically the first thing that comes to your mind. And as a rule it's something that a hacker can easily guess. And even if he doesn't want to play this game, he can find a program that will help him crack an account and divulge all the necessary information. Programs that help hackers do that work as follows: you send a module to a 'victim' via e-mail, and it will scan all the information and make screenshots.
Here are some useful tips for keeping password (and, in turn, your account) secure:
1. Make your password more diverse: different big and small letters that don't make any particular sense, numbers and symbols. If it doesn't completely prevent your password from cracking, it will at least make the hacker work for it.
2. Use different passwords for different websites and accounts (I can't force myself to do it, though). If you're afraid to forget all these strings of symbols, use special programs for storing your passwords, like for example SCARABAY.
3. Make answers to your secret questions more sophisticated, something that is hard to guess.
These simple steps will at least put some obstacles in hacker's way and more or less prevent your computer from attacks.
I mean trojans and other stuff getting through OS vulnerabilities that appear every several weeks (as for Windows) or every several months (as for OS X and Linux) uncatchable by antiviruses. Are you sure the device you're using now has Automatic Updates turned on?
On the other hand, if you use Windows, you even don't need to know admin password to install a keyboard spy!