Making Strong Passwords
Making Strong Passwords
Name
University
Professor Name
Course Name
Date
Making Strong Passwords In today’s society, computer-based user accounts that require a username and password are very common in workplaces, schools, and homes for various applications. E-mail accounts, online bank accounts, social networking profiles, and many other instances of private information are all secured by user created passwords. With so much data at risk, it should be safe to assume people would generate passwords worthy of protecting their assets. However, a study performed by Burnett (2006) of millions of passwords revealed that the top five-hundred user passwords were significantly weak and at extremely high risk of theft. In order to properly safeguard user accounts and associated data, users must disregard sub-par password creating practices and learn to create unique, complex, and robust passwords. A concrete understanding of the composition of a weak password is required prior to attempting development of a strong password. A weak password can be easily guessed, cracked, or stolen for one or several reasons. Examples of weak passwords and explanations of why these passwords are weak will be provided in the next five paragraphs. By avoiding these mistakes, users can strengthen their passwords and ultimately provide better protection of sensitive information. A password should never consist of regular words that can be found in the dictionary like “soccer” or “watermelon” (Burnett, 2006). First, passwords that consist of common words have the potential to be guessed with enough attempts by a hacker, also known as a brute force attack (Bahadur, Chan, & Weber, 2002). Second, passwords that are dictionary words are vulnerable to another type of brute force attack called a dictionary attack (Nemati, 2011). A dictionary attack is an attack in which a hacker uses software to attempt to guess a password by entering every word in the dictionary
Name
University
Professor Name
Course Name
Date
Making Strong Passwords In today’s society, computer-based user accounts that require a username and password are very common in workplaces, schools, and homes for various applications. E-mail accounts, online bank accounts, social networking profiles, and many other instances of private information are all secured by user created passwords. With so much data at risk, it should be safe to assume people would generate passwords worthy of protecting their assets. However, a study performed by Burnett (2006) of millions of passwords revealed that the top five-hundred user passwords were significantly weak and at extremely high risk of theft. In order to properly safeguard user accounts and associated data, users must disregard sub-par password creating practices and learn to create unique, complex, and robust passwords. A concrete understanding of the composition of a weak password is required prior to attempting development of a strong password. A weak password can be easily guessed, cracked, or stolen for one or several reasons. Examples of weak passwords and explanations of why these passwords are weak will be provided in the next five paragraphs. By avoiding these mistakes, users can strengthen their passwords and ultimately provide better protection of sensitive information. A password should never consist of regular words that can be found in the dictionary like “soccer” or “watermelon” (Burnett, 2006). First, passwords that consist of common words have the potential to be guessed with enough attempts by a hacker, also known as a brute force attack (Bahadur, Chan, & Weber, 2002). Second, passwords that are dictionary words are vulnerable to another type of brute force attack called a dictionary attack (Nemati, 2011). A dictionary attack is an attack in which a hacker uses software to attempt to guess a password by entering every word in the dictionary
References: Bahadur, G., Chan, W., & Weber, C. (2002). Privacy defended: Protecting yourself online. Indianapolis, IN: Que. Burnett, M. (2006). Perfect passwords: Selection, protection, authentication. Rockland, MA: Syngress. Gupta, M., & Sharman, R. (2009). Social and human elements of information security: Emerging trends and countermeasures. Hershey, PA: IGI Global. Nemati, H. R. (2008). Information security and ethics: Concepts, methodologies, tools, and applications (Vols. 1-6). Hershey, PA: IGI Global. Nemati, H. R. (2011). Security and privacy assurance in advancing technologies: New developments. Hershey, PA: IGI Global. Vacca, J. A. (2010). Network and system security. Burlington, MA: Elsevier.