Need to work immediately with a few Companies, which means each need to register and use a reliable password. For social networks, for example, also does not hurt good defense ... In general, the topic is more than relevant, so today and talk about what password will quite complicated for hackers how to remember him, as well as how to store a lot of complex passwords Convenient and in a reliable place.
How hackers crack passwords
I immediately remembered the series "Sherlock" (season 4 in January-cheers), where our brilliant detective for just a few attempts was able to solve a very nontrivial password on the phone Irene Adler:
Choose it any random combination of four letters and numbers - even if Sherlock Holmes would have happened. In general, the filmmakers love to insert such scenes (remember any other film with a password with a password), but the most interesting thing is that in life this very much works. This method of hacking is called logic guessing - and is based on well-known information about the user.
If the attacker knows first name, surname and date of birth - He can overload possible combinations in a few minutes and crack the password that uses this information. Well, probably use at least one? :)
By the way, you know which passwords meet most often? In the network I found such a sign with examples of the most popular passwords:
As you can see, mostly these are simple combinations of numbers and letters. The frequency here is not specified, but let's say if at least 1% of users use a primitive password 123456 - How many accounts can hacker hacker on the big service? And if you drive all the well-known popular passwords? That's it…
By the way, there are special password dictionaries that can be downloaded from the Internet. Fortunately, popular sites have long been demanding from users at least minimally complicating introductory data - use capital and lowercase letters, at least a pair of numbers and check that the password is not in the same dictionaries.
Nevertheless, this may not be enough if the hacker has great resources and special programs. So-called method of rough power Allows you to guess passwords with simple bust in all possible combinations, modern possibilities of computers are quite allowed.
The more different characters are used (capital and lowercase letters, numbers, points / dash / commas, etc.) and the longer password - the longer the computer will be needed to check all possible options. How much? Suppose, only lowercase English letters and numbers are used in the password, then the situation is this:
As you can see, password less than 7 characters can be hacked in one day, and 7-character breaks down for a week if the hakra is lucky - even faster. In general, it looks like the complexity of passwords for the method of coarse strength, conclusions I think are obvious.
However, even if you create a good, sophisticated password, there are and bypass Methods for hacking it. For example, an email comes to the mail with the phrase like "Send your password to check for money," of course do this in no case should not! Administration of any site or service never Will not ask your password, he also has in the database.
Another way to get a password is somehow "spill" it. In childhood, when I went to the computer club, it was a real problem - around a bunch of people and enter the password from your game account so that no one spoil him, it was not easy. Cases of theft of gaming currency and things happened :)
Malefactors can also put on your computer troyan programwhich writes that you enter from the keyboard. To protect against such an attack, of course, you need to use antivirus.
Well, now you know the simplest ways of hacking your data. How to defend and create a complex and reliable password from them?
How to create and remember Reliable password
As we have already found out, the password length should be at least 8 characters, and it is very desirable that different types of characters are used in it:
- lower case - a, b, c ...;
- capital letters - A, b, c ...;
- numbers - 0,1,2…;
- punctuation signs - comma, dash, question mark, etc.;
- special symbols - @, #, $,%, etc.
You can check the complexity of the password, for example, on the website of Kaspersky Lab, looks pretty alive:
The password is optional to create manually, there is a bunch of sites where you can do this, simply enter the "password generator" in the search engine - you will give you a large list. Of course, a question arises - and does the Password entered site entered? Even if so, you still need to know the login, and it is unknown, where you will apply the resulting combination.
In order to still calm your paranoia, you can generate a password on the site, and then change some characters in it - the complexity will not change, and the risk of hacking with coarse bust will be still very low.
The problem with the generated passwords is one - to remember at least one is quite difficult, but ideally for each site you need a unique. One of the best ways to simplify the task is to use words in your native language in English layout, diluting them with numbers and signs.
Here is an example of an easy to memorize, but a very high-quality password. Take the Russian noun "Iron" and the logically not related to him verb "Green". As numbers, let's say, there will be a year of birth of a famous writer - Lion Tolstoy, 1828. Well, we will choose an exclamation mark!
We mix a little - and we get such a password - en.u18! Ptktyttn28.I recorded Russian words using English layouts, the year of birth was broken into 2 parts and substituted at the end of each word, and in the middle an exclamation mark. It seems to be nothing complicated, but the password is obtained very high quality:
You can come up with other similar ways to create a password - they will all give an excellent result. However, it still does not help follow the rule 1 site - 1 passwordIt is difficult to remember more than five combinations and not start using them several times. It turns out, the place is necessary for storing important data.
Password Storage Programs
Separately, I want to say that you write on a piece of paper and glued to the monitor - the idea is so-so :)
You can, for example, write passwords into a notebook, but it is not very convenient - each time you need to enter the password manually and even carry it everywhere with you. Yes, and anyone who sees you looking into the notebook and something inserting on the computer will quickly understand what to do with it and can try to steal.
Yet more practical, in my opinion, use a specialized password storage program. First, they can be stored right in the browser - After the first introduction you ask you, you need to save or not:
It is quite convenient, and it is not so easy to access the repository - the main thing in time to update the browser, vulnerabilities are constantly eliminated. Of course, there are also its cons - if someone else uses the computer, it can easily use saved passwords.
In the browser it is quite possible to store not particularly important data - from some accounts on forums or free services, the hacking of which will not cause you much harm.
More valuable data should be kept at least with additional means of protection. For browsers there is a special expansion LastPasswhich makes about the same as the browser itself, but better. The repository itself can be blocked by password, you will need to come up with only one according to the "green iron" method and remember it.
Minus LastPass is that your passwords are still on foreign servers, and if they are hacked (and stories with hacking of the largest corporations say that no one is insured), the data leaks to attackers.
More encouraging experience I received, working with a regular password storage program under Windows - Keepass.. It is free and is based on the open code, which means that many programmers checked it and did not find hidden moves to enable data.
She is English, perhaps this is the only negative, which I found so far. The meaning is so - all passwords are in the database, which is protected by a separate password and key file:
The main password (Master Password) must be very difficult, but since it is one - remember it easier. The password base looks like this:
I have several password groups - mail, forex, social networks, etc., in each of them various records are stored. In principle, everything is easy enough, especially if you know English.
You probably would like to get detailed instructions for using KeePass. Let's like this - if at least 5 different people in the comments ask you to write an article or ask something about the password storage program, I will consider that the audience is interested and will do next week :)
And on this everything! Here you learned basics of creating and storing reliable passwords. Let's check out how things are the readers of the Liberalist :) you need such a site that everyone would use ... I think social networks will fit. So, I ask you with the help of a voting to tell about how difficult the password you use for your favorite social network:
I hope that after my article, the situation will move for the better. Especially if you help disseminate an article among your friends and colleagues:
Friends in general, how are you responsible about passwords? Or think that you should not too clog your head, do not stand the troubles and you can do enough simple? Leave your opinions in the comments.
See you in new articles of Bebinvest! Winter is close ... Please do not get sick.
(Add me in friends
In the social network VK, an excellent security system that protects users from selection of passwords to their pages, even if the attackers recognize the logins from other accounts. In most cases, when the user is "hijacking", the user is to blame, and one of the reasons for this is the simplest password.
What does the simplest password mean? This is a light password, which, as a rule, consists of just a few digits or letters. Here are examples of simple passwords:
- zxcvbn.
- iPhone.
- 88888888
- password.
- andrei.
These are just a few examples, but the essence you caught and this is the main thing. The more difficult, and, it means that the password is more reliable, the lower the likelihood that the account will be opened by intruders.
How to come up with a challenging password for VKontakte?
There are several different ways to come up with a password. We will consider one of the popular and at the same time.
So, first let's determine the number of characters in the password. As a rule, experts advise to use at least 8 characters, but this is the most-minimum (by the way, many users use a 6-digit password at best). And although 8 characters are the minimum length of the recommended password length, the actual number of characters in it should be at least 10-12. Tell me, is it a lot? But the account of the account is hundreds and even thousands of times higher.
Now proceed to creating a password. Remember, it should be both numbers and letters of different regis and even special characters.
The easiest option is to take some Russian word and write it on the Latin layout. For example, a word smartphone On the English layout looks like this - cvfhnajy.. In this word 8 characters. Few? Wait, we have not finished yet.
So, the word cvfhnajy.. We add numbers to him, for example, some memorable. Let it be the figure 201. We get the word cVFHNAJY201.. Just in case we write a password with a capital letter to complicate the task of attackers and get CVFHNAJY201.. Enough? No, you need to add special characters, for example, * . Now our password looks like that - CVFHNAJY201 *, as many as 12 characters, while the password itself is complex, and remember it easily. Of course, it is given as an example and we urge it ultimately not recommended - come up with your own, good, it's easy.
By the way, the password itself just in case you can write down somewhere in a notebook or notebook, and the last remove the ladder as possible from human eyes.
\u003e R »-BGS_ZHV_MWVGA2)
