19 Nov, 2021
In the world of Digitalization, information privacy is the utmost requirement of any internet citizen. From a mere to a severely important document password protection is the most critical and important part that has to be looked out while the inception of any of the activities on the internet.
Going by the definition of passwords is your personal key to the system. It ensures the authority of an individual over data protection and hence helps to determine the accountability for all the activities taking place with the data and the system resources. By putting a valid password, you an individual can get complete access and authentication to a computer information system.
Hence, in today's times the usefulness of the passwords is of optimum importance. Authentication of individuals as valid users, is via the use of the use of the valid passwords. Each user is accountable for the confidentiality, selection and changing of the password required for the purpose of the access to the resources.
Information Privacy can be at stake with various attacks that could be used by the hackers to create a database of the even hashed passwords that can be exposed. These attacks can be stated as:
- Brute Force Attack: This attack tries to attempt each and every combination that can be of the users. The hackers use software to try as many choices as possible in the shortest time.
- Dictionary Attack: As the name suggests, the hacker literally uses a dictionary to guess the password of the user. Predictable, and obvious words that are predetermined from the dictionary are taken into account.
- Phishing Attack: In this case, a fraud link is shared with the user through text messages, email or any other process. As soon as the user opens the link, he/she is instructed to fill the Login Id and Password. Upon following the instruction, the hacker gets access to all the information of the user which is highly vulnerable.
Now that the information about the attacks that can take place to hack the user password have been clear. Steps to protect password from being hacked becomes highly important and tricky as well. Picking a perfect password is very important. Bad or weak passwords jeopardize the information that they are supposed to prevent data leakage.
There are a variety of techniques that can be used while creating a password. They are;
- Passwords should not be based on well-known and easily accessible information
- Passwords should contain atleast 9 characters
- Passwords should contain atleast 1 Uppercase Character
- Passwords should contain atleast 1 Lowercase Character
- Passwords should contain atleast 1 Numeric Character
- Using of Symbols or Unique Characters should be encouraged (!@#$%^&)
- Passwords should not be personal information of the user
- Passwords should not be normally found in standard dictionaries or any jargon
- Passwords should not be predictable, obvious and trivial
- Passwords should not be any famous film/cartoon character or geographical location
The steps of knowing how to prevent password from being hacked can be very easily stated in the following manner:
- Passwords should be treated as a confidential document. No one should be given a hint of the password used.
- Passwords should not be transmitted electronically over the unprotected internet source.
- No one should be keeping an unsecured written document of the password anywhere.
- One should not use the feature of “Remember Password” in any of the applications.
- "Hot Key" should not be created in case of the password.
- Two factor authentication features should be enabled in each and every password protected document.
- The attribute of the OTP (One Time Password) verification code should be implemented in each password protected document. The OTP would help you to understand the vulnerability component of the document.
- Passwords are sometimes saved in the Password Managers. These Password Manager services are provided by Google Account and other various browser mail service providers. These are mostly created to help the user remember their password. It is not recommended to save passwords in the password manager as it can be compromised in any factor.