UNIT4-QUESTION2


1. Passwords

Despite cutting edge cyber security technologies passphrases and passwords are the most common security measures to protect our devices and accounts.  A password is a secret word or combination of letters or numbers (a string of characters) used for authenticating a user to give them the right to access information on a computer system.

 

What are the most common passwords used on the Internet? Have a look at this list to see if your passwords are there – https://en.wikipedia.org/wiki/List_of_the_most_common_passwords.

In 2019, ‘123456’ was the most commonly used password with 23.2 million accounts using this easy-to-crack password! ‘Qwerty’ and ‘password’ were also used by more than 3 million accounts.

2. Passphrase

A passphrase is similar to a password in usage, but it is longer and more secure. There are different guidelines to determine the length of a passphrase. Most passphrases have a minimum requirement of 14 characters. A passphrase can be a phrase that the user can easily remember but is difficult to be guessed by others. Passphrases can have upper and lower case characters, blanks and special characters. Some example passphrases are “I love ice cream and hot chocolate but not vegetable soup” or “#JumpinginpuddlesisFUN!”.

The table above demonstrates the time it takes to crack a password when using characters in alphabetical sequence.  The time would change if the characters were in random order. Try entering the password in reverse or out of sequence into the website. What do you notice about the time it takes?
As a security strategy, login systems often have a limit on the number of times an incorrect password can be entered. This prevents hackers from guessing passwords. If the user genuinely forgets the password, they can reset it using common security questions or other authentication techniques like Two-factor Authentication which will be discussed later in this lesson.
Common security questions, using answers that are private and known to us, can be used to reset passwords when forgotten. Some common questions are:

  • What is your mother’s maiden name?
  • What was the make and model of your first car?
  • What street did you grow up on?
  • What city were you born in?
  • What was the name of your first pet?

Today, there are games and activities on the internet that are used to extract this information. Popular social media memes that entice users to “Find out the name of their alter-ego” or to “Find out their Superhero Name”. These have been identified as a threat that exposes personal information to third parties or other internet users, and could lead to identity theft or fraud. This is because they often ask us to reveal combinations of our personal information, typically those used to reset passwords, such as “Combine the name of your first home address with the name of your childhood pet”. It is believed that hackers and scammers may be behind many of these

social media games. The advice from cyber security experts is that if you can’t resist completing these games, you should only supply fake information.

 

+ There are no comments

Add yours