Let’s face it, most passwords are poorly designed and chances are, one of your passwords is probably pretty easy to guess if someone knew a bit about you…right? Well, this makes the hackers focusing on password attacks quite happy and they wouldn’t want you to change a thing,…
This is exactly why we needed to bring you a few tips to ensure you remain in control and are safe from these three common types of password attacks.
What Is a Password Attack?
Simply put, a password attack occurs when a hacker attempts to steal your password. A hacker who is successful can do anything from uploading malicious malware to your network, to holding your files and information for ransom or even architect the theft of someone’s personal identity.
#1 Brute Force Attack
It has been proven that a hacker can try 2.18 trillion password / username combinations in 22 seconds*A brute force attack occurs when a hacker attempts to use combinations to guess your login details.
You can protect yourself by simply implementing multi factor authentication and creating complex passwords which have nothing to do with you or your organisation.
#2 Dictionary Attack
A dictionary attack occurs when a hacker targets our nature to stick to simple and easy to remember words, often in the dictionary, to try and guess our passwords.
You can protect yourself by not using any words that can be found in a dictionary (e.g. instead of; Dog123, you should create one along the lines of; $oewhwoehc@#12.
#3 Credential Stuffing
Often we are only worried about hackers who have never obtained our details, however, what about those who might have already? This type of attack occurs when a hacker uses a list of previously stolen usernames and passwords from your organisation, and tries to gain entry into an existing account.
To protect yourself, simply ensure all of your staff change their passwords every 30-60 days across all channels.
Conclusion
This isn’t a be-all and end-all list of every way to keep yourself safe from password attacks, however, it is a great start when looking to implement best-practice behaviours to mitigate the risk of a successful password attack happening to you.
As long as you minimise the frequency of reusing passwords, make each one complex and a sentence (not a word) and don’t use any similar variations of ones you have previously used, you will be far ahead of many other organisations and end-users in this regard.