Hackers may already know your password. In a previous post, I wrote about guess attacks by hackers on your password. In this brief post I’m going to write about another method that an attacker could use to get your password. So by now, you’ve already made the important decision to use a different password for your facebook account than you do for your online banking. Good. Still, users often choose weak passwords. I listed some examples of ‘guessable passwords’ in the previous post. There are of course some additional simple examples that hackers can target in what is called a Dictionary Attack.
How can a dictionary attack be used to guess my password?
If your password is a single word which can be found in a dictionary, if it is a given name or family name or if it is too short (generally even six or seven characters is too short), or if your password fits into a criteria that attackers would call predictable (eg, patterns of alternating vowels and consonants, alternating numbers and letters etc). Password research over some 40 years has demonstrated that around 40% of user-chosen passwords are readily guessable by sophisticated cracking programs armed with dictionaries and, perhaps, the user’s personal information
Hackers can use readily available cracking programs into which they enter personal information about the user being attacked and generate common variations for passwords suggested by that information.
If you’ve been following the articles here on information carnivore in the ‘password’ category than you are now able to make some wise password choices. But there is one other form of attack that may be used to gain your password. Brute Force Attacks…