A password is a secret string combination of characters, numbers, and special characters which proves the authenticity of any user at the time of login. A password is associated with the username. It has to be strong and non-guessable. According to studies, these many percentages of users are still using very weak passwords which are either guessable or easily breakable by any kind of dictionary attack available online. Password cracking is an important part of CEH Training and Penetration Testing.
We have the tendency to make passwords which consist information related to us like birthdays, name etc so that it could be easily remembered. Easier the password is the more easily it can be cracked.
A weak password takes a few minutes to get cracked where as a strong one is very hard sometimes may take years and years depending upon the capacity of the system.
A strong password …
- It has to be at least 8 characters in length.
- It should contain at least one uppercase and one lowercase character.
- It should have at least one special character e.g.$, #, _,] etc.
- It must contain one number as well.
- It should not contain personal information which is guessable by hackers.
For Example
In the Mother’s House could be !nTm0M$h6
Passwords are stored in the form of hashes in databases. A hacker has to crack those hashes with various algorithms. Once these hashes are cracked these passwords will be stored in the dictionary which is publicly available It is advisable that do not share your password with anyone and avoid typing your passwords on public computers. Do not write your password anywhere and change it in every three to six months.