How are passwords cracked? How can you improve your password security?
Cyber security attackers use a variety of techniques to discover passwords, including using powerful tools freely available on the internet.
The following UK National Cyber Security advice makes password security easier for your users – improving your system security as a result.
Click the image below to download the infographic, or scroll further to read the text version.
Use this image on your site
How are passwords cracked?
Personal information, such as name and date of birth, can be used to guess stored password information.
Insecurely stored passwords can be stolen – this includes handwritten passwords hidden close to a device.
Passwords can be intercepted as they are transmitted over a network.
Attackers use social engineering techniques to trick people into revealing passwords.
Someone observing an individual typing their password into a device.
IT infrastructure can be searched for electronically.
Automated guessing of billions of passwords until the correct one is found.
An installed keylogger intercepts passwords as they are typed.
How can you improve your password security?
Blacklist the most common password choices.
Don’t store passwords in plain text format.
Monitor failed log-in attempts.
Train users to report suspicious activity.
Change all default vendor supplied passwords before devices or software are deployed.
Prioritise administration and remote user accounts.
Use account lockout, throttling or monitoring to help prevent brute force attacks.
Are you looking to increase the awareness of cyber security within your organisation? Read more about Littlefish’s Cyber Security services.