Common security threats – Password Cracking

The first key to any effective security game plan is knowing what you’re up against. We decided to share some of our knowledge and create for you a set of short, informative but simple blogs where you’ll learn all about ten of the most common threats your company is likely to face. While by no means comprehensive, these blogs can help you better understand some of the tactics being directed against you and your users, along with the specific reasons you’re potentially vulnerable to each.

From phishing to ransomware to distributed denial of service (DDoS) attacks, the more you know about these threats, the better. They’re some of the leading causes of data breaches, downtime, and a severe lack of sleep 🙂

What it is:

A login and password aren’t what most people think it is. It’s a complicated set of processes that can involve multiple systems, secure transport to and from the servers, a trusted network of server identity assurance and revocation, code to evaluate the complexity of the user-generated password, more code to make sure the person entering the code is indeed a human, a secondary factor of authentication, and a means to recover lost passwords. So password cracking is more than just running a program to guess the password — it’s about cracking the password process to take over a user’s account.

What makes protection a challenge:

Any system that allows users to access it from anywhere and also requires those users to make, safeguard, and remember their passwords is a system that’s going to be difficult (if not impossible) to defend. According to what OSSTMM researchers refer to as “The Somebody Sequence,” the more interaction somebody has in the security process, the higher its attack surface. Asking employees to manage their passwords is like giving them full control over the keys to an important lock. You can purchase one of the strongest locks money can buy, but how secure can it ultimately be if there are keys for it floating around everywhere?

Want to discuss it further, contact us today!

Stay tuned!

Right in your email inbox
Useful data from iRangers Experts

Subscribe to our mailing list and get interesting updates and tips.

Leave a Reply

Your email address will not be published. Required fields are marked *