Don't Fall Victim to Brute Force Password Cracking

    When it comes to digital security, there are all kinds of platforms, software and protocols you could use to keep yourself safe. However, no matter what you decide on, the efficacy of your choice will always boil down to a password of some sort. This is where hackers can strike. Even if you have a virtual army of protection working to keep your sensitive data secure, the one hacker who finds a way to obtain a password could slip past it all undetected.

    The Use of Brute Force

    Although one of the most common forms of hacking these days is to leverage social engineering, that method isn’t always effective. More and more people are simply learning to verify whom they’re speaking to and not give out any information to anyone they don’t know.

    That doesn’t mean those of us with common sense are immune to these malicious people though. Hackers may very well move on to brute force password cracking. For others, it’s their method of choice.

    Brute force password cracking relies on a specific type of software. It goes through every possible combination of words and numbers, entering them over and over until the right password is typed. This might sound impossible, but it’s been documented time and time again. It might also sound like this type of hacking would be impractical. However, when you consider that this software can easily put in 50 attempts every minute, you’ll appreciate that usually this type of program only needs a few hours or days to get the job done.

    Computing Passwords Is Becoming More Trivial

    This is why you can only expect so much from the passwords you use. You’ve probably been told that in order to keep your information safe, you need a complex password.

    Keep in mind, too, that just like any type of software, this kind is always evolving as well. Instead of just starting at “a”, then “aa”, then “aaa”, there are versions that will begin with more common combinations, like actual words, in order to hit their target that much quicker. In any case, the process is completely automated, meaning a hacker can go after several targets at the same time without actively doing anything.

    To really hammer home the point of how useless passwords are becoming if used all by themselves, think about encryption. You probably use it to make sure your most sensitive information can be shared without prying eyes getting to it. Well, even encryption depends on a password. With brute force password cracking, one of your best defenses against hackers could be tossed aside in a matter of hours if you’re relying on a password in the traditional sense.

    Fortunately, there are some very user-friendly solutions you can use to turn the tables on brute force password cracking. Below are some methods that will make this type of hacking the useless one and make passwords effective again.

    Password Management

    First, let’s begin with password management. Always use very long, very complex passwords. We’ll provide more tips below, but as we said at the beginning, passwords will always be a part of the equation. At least make sure yours is tough to crack.

    One great way to do this is with a favorite saying or motto you love. That will be nice and easy to remember. Then take the first letter of every word. “The bigger they are, the harder they fall” would become “tbtathtf.” See why that would be harder to crack than just “Smith85”? This one also works well because passwords get strong at eight characters.

    Adding more letters will slow brute force attacks to a crawl, but longer passwords can be difficult to remember and end up making life harder for you. Again, keep it easy on yourself and just add the name of the software or website. If I were trying to sign into Gmail, “tbtathtf” would turn into “tbtathtfGmail.”

    For an extremely strong password, you want to get to at least 15 characters. Microsoft Windows doesn’t store any scrambled passwords over 15 characters in hidden files. For a lot of people, just adding their name to a password will do it and is obviously very easy to remember.
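
    An added example (not from the original article) that audits the three sample passwords above: it counts the candidates an exhaustive “a”, “aa”, “aaa” style search would cover up to each password's length, converts that to time at the 50-guesses-per-minute rate quoted earlier, and flags the word-plus-digits pattern that dictionary-first tools try early. The character classes, the tiny wordlist and all function names are assumptions made for illustration.

```python
import string

# Character classes an exhaustive search must cover once a password uses them.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

# Constructed sample wordlist; a real audit would load a much larger one.
COMMON_WORDS = {"smith", "password", "gmail", "summer"}


def charset_size(password):
    """Size of the alphabet implied by the character classes present."""
    return sum(len(chars) for chars in CLASSES
               if any(c in chars for c in password))


def keyspace(password):
    """Candidates covered by an 'a', 'aa', 'aaa' style search up to this length."""
    base = charset_size(password)
    return sum(base ** n for n in range(1, len(password) + 1))


def worst_case_years(password, guesses_per_minute=50):
    """Time to exhaust the keyspace at a given rate (default: the page's figure)."""
    minutes = keyspace(password) / guesses_per_minute
    return minutes / (60 * 24 * 365)


def is_word_plus_digits(password, words=COMMON_WORDS):
    """True for the 'Smith85' pattern: a dictionary word with digits appended."""
    stem = password.rstrip(string.digits)
    return stem != password and stem.lower() in words


def audit(password):
    """Summarise length, alphabet, search space and the dictionary check."""
    return {
        "length": len(password),
        "charset": charset_size(password),
        "keyspace": keyspace(password),
        "dictionary_pattern": is_word_plus_digits(password),
    }


if __name__ == "__main__":
    for pw in ("Smith85", "tbtathtf", "tbtathtfGmail"):
        print(pw, audit(pw), f"{worst_case_years(pw):.3g} years")
```

    Raw keyspace alone rates “Smith85” above “tbtathtf”; the dictionary check is what marks it as weak.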

    Multi-Factor Authentication

    To really fight back against brute force password cracking, simply require more than just a password. The more you demand, the more work the software has to do in order to get through your security.

    MFA (multi-factor authentication) software can do this a number of ways. However, it always revolves around multiple factors of identification. You can still make this easy on yourself, though. Many platforms will give you security questions to answer, then present you with one or two every time you try to sign in.

    Just use the advice above to keep every answer good and complex. Think about switching out “a” with “@” for all of them or “I” with “!”, whatever works to make brute force cracking more difficult by creating passwords that are tough to predict.

    Single Sign-On

    Now, if you really take your security seriously, SSO is the way to go. Single sign-on software allows you to use multiple passwords for basically anything you need one for, whether it be a workstation, website, email, or whatever.

    What is genius is that you no longer have to worry about remembering them all. A lot of times, having to do so is why people choose really simple passwords that prove to be ineffective.

    With SSO, you meet the SSO software’s requirements and it takes care of the rest. The software itself doesn’t have an online component, so it will be difficult to use brute force against it. Nonetheless, play it safe and use the above tips to create a sufficiently complex password. Then, go ahead and make the most ridiculously complex passwords for everything else, knowing you won’t actually have to remember them later.

    While it’s definitely scary thinking about the potential of brute force attacks, you don’t need to be a victim.
