Tuesday, 26 August 2014
A new study by Trustwave, the PCI compliance testing folks, has discovered that easy passwords are still a huge problem despite warnings from IT staff about internet security. Worse still, even short but complex passwords are also easily cracked because today's processors can throw 17.3 billion calculations per second at the problem. Their test comprised of trying to crack over 600,000 passwords they harvested during two years of penetration testing. They were successful in cracking 92% of those passwords within 31 days. So the question becomes, "Okay, then... what makes a good password?" What was it about the 8% that made them safe?
First of all, weak or default passwords are still widely used. Amazingly, a third of the passwords tested were weak or default passwords. If you add to that a test against last year's list of most widely used passwords, you can grab over half. The most common password was,Password1,with,Hello123, password,,Welcome1, banco@1, Training, Password123,and,job12345,not far behind. But those of you who think you're safe with something like,N^a&$1nG,shouldn't get too smug. Because it's only 8 characters, a password like this one took less than 4 days to crack using nothing more than a $2700 computer built for the purpose. As it turns out, the best passwords to protect against cracking attacks are long ones. A password such as,GoodLuckGuessingThisPassword,would take 17 years to crack, so when you need a secure password for any purpose, consider a nice long phrase you can easily remember. It will make your life easier and give the bad guys a headache at the same time.
And a note to IT staff... Don't require your users to change their passwords on a regular basis. It turns out that people will create easier and easier passwords the more times they need to change them.
If you have any questions about Internet security, web design, web hosting, search engine listings or any other related subject, give us a call at 877-397-7605 or contact 111 Web Studio,for more information.
Posted on 08/26/2014 10:08 AM by Customer Service
No comments yet.
To our valued customers, Around 2:00 AM on November 6, 2017 our operations team discovered a failed...
111 Web Studio is pleased to announce that we can now perform formal technology assessments for non-profit...
Do you sell products or services on your website? Then this is for you. Have you ever been looking...
Do you need to show progress of a fund drive and create a buzz amongst your donors? 111 Web Studio has...
Have you searched on Google today? The answer is almost certainly YES. Google now handles about...