Social Icons

Showing posts with label weak passwords. Show all posts
Showing posts with label weak passwords. Show all posts

Saturday, June 01, 2013

Your passwords can be cracked easily if less then 16 Characters now!!!!

1.    When the IT security big bang of Do's and Don'ts started some years back it was widely advertised to the Cyber masses to keep their respective passwords any thing more then 8 characters with a mix and match of capitals and smalls with special characters...then this was increased to 10 and last heard it was 15...and was told that 15 character password which is not dictionary based will take years and is actually uncrackable...

2.  As recent as 4 days back,a team of 3(your read it rite it's three) hackers has been able to crack more than 14,800 supposedly random passwords from a list of 16,449 by simply brute forcing!!!!

Image courtesy : http://www.buzzquake.com/tag/brute-force-attacks/
3.   In December it was unveiled by Jeremi Gosney, the founder and CEO of Stricture Consulting Group, that a 25-computer cluster can cracks passwords by making 350 billion guesses per second. It can try every possible word in less than six hours to get plain text passwords from lists of hashed passwords...the word of significance is that you do not need high end machines and east-west architecture to build this kind of IT infra...it is simply a cluster of machines processing power...

4.   The general user in the cyber space like you and me have actually no control over which hashing process websites use and therefore remain at the mercy of an algorithm all would invariably be clueless about...so if you are concerned about security and your email id and password which is the key for so many transactions in your routine life.long passwords are the best defense....and not simply long it has to be a mix match of numerics,capitals,smalls and special characters!!!.

5.  All the best to all of us...keep surfing but avoid drowning!!!! :-)Thanks http://thehackernews.com

Thursday, December 13, 2012

FACEBOOK : The New Playground @ Dangerous

1.    It does not date back long in the past time corridors when I as a kid used to go to play grounds in the evening to play with my friends...meet them....fight with them...abuse them...get abused and then get back home for studies and prepare for next days school work and the cycle repeated every day...week and months.But what happens today with a typical metro kid....a school child in the bracket age of 10+ goes to Facebook to play with friends...he meets them.....abuses them at times...gets abused on the wall or vide posts.So more or less....things stand at the same place ,only the grounds have changed.First it was the actual play grounds and now it is all getting virtual.....blame it on lack of infrastructure with concrete eating much of space in metro's or lack of parental monitoring owing to their ultra busy lives.....for the new era generation...social networking sites like Facebook is the new PLAYGROUND.....the virtual one for a change!!!!


2.    So the rules remain the same....ie we have our social circle like we used to have in past...we meet vide post and comments...we like each other for something and dislike each other for some thing...here we cannot shake hands and hug each other but yess we can take grudges out of each other via so many means like hacking....cyber bullying...post hatred... cyber stalk...mobbing...sexting,internet trolling etc...the list is actually endless and the related terminology is on a phenomenal increase.So a typical new gen kid for whom Facebook kind social networking sites are the new playground to play....the proneness to the bad elements in the society remains actually higher then in past....for here it is just a matter of few compromised screenshots...hacked passwords and the kid is on way to become a victim...

3.   The recent case of Amanda Todd is indeed beginning of such sad but many in line expected incidents waiting to happen....today we may allow our kids to have a Facebook account or some social networking website account but without effectively monitoring the kid remains as prone as Amanda Todd.For this to happen the parent have to have basic IT IQ quotient to monitor to avoid any such incident.Like past when a child could be left at home assuming safe..it does not remain the same today....he has access to smartphones....he has access to tablets...internet via so many means.Even basic forensic knowledge possessed by the parents is bound to fail if the same is happening in Cloud rather then on the machine at home...

4.   Its time for the parents to equip themselves with the tools and knowledge required to monitor and watch the kids...also realizing that today's kids are more smarter in terms of grabbing the technology then ever....if you have reached reading till here...u must read the complete story here

Sunday, April 03, 2011

The weak password problem : Now solved????

1.    We are part of the first phase of IT revolution across the globe where every thing is happening....methods to secure...methods to hack....stronger and powerful servers....patching vulnerabilities....fighting malware....analysing stuxnets genre...and what not....every thing is happening.....now the following text (org from http://lanl.arxiv.org/abs/1103.6219) opens another dimension to make the passwords secure.....

"Vulnerabilities related to weak passwords are a pressing global economic and security issue. We report a novel, simple, and effective approach to address the weak password problem. Building upon chaotic dynamics, criticality at phase transitions, CAPTCHA recognition, and computational round-off errors we design an algorithm that strengthens security of passwords. The core idea of our method is to split a long and secure password into two components. The first component is memorized by the user. The second component is transformed into a CAPTCHA image and then protected using evolution of a two-dimensional dynamical system close to a phase transition, in such a way that standard brute-force attacks become ineffective. We expect our approach to have wide applications for authentication and encryption technologies."

2.    Thanks http://lanl.arxiv.org
Powered By Blogger