1.6.10
Authentication: Passwords
Test your knowledge with free interactive questions on Seneca — used by over 10 million students.
Cracking Passwords
Many hackers focus their attention on cracking passwords to overcome authentication mechanisms.
Cracking passwords
- Authentication is the name for any methods which allow users to prove that an account is theirs.
- The most common authentication method is using a password.
- Many hackers want to find people's passwords, so that they can gain access to accounts:
- Finding people's passwords is called cracking the password.
The brute force attack
- A brute force attack tries to crack a password by trying every single combination of letters and numbers until the correct one is found.
- This can take a very long time, although special software is used to do this which makes it possible to make millions of attempts per second.
The dictionary attack
- A quicker form of the brute force attack is the dictionary attack.
- Rather than attempting every single combination, a dictionary attack tries words from a predetermined list:
- A common dictionary to use would be a list of common passwords.
Protection against cracking
- Writing a network policy which enforces strong passwords can protect against dictionary attacks.
- Using two-factor authentication can prevent the hacker from logging in, even if they have the password.
- Restricting the number of failed password attempts before an account is 'locked' for a fixed period of time can deter hackers.
Passwords
Passwords are one method of providing authentication.
Purpose of passwords
- Passwords help to prevent unauthorised users from accessing a device or network.
- Passwords are one of the simplest authentication methods.
Issues with passwords
- Passwords are only effective if:
- They remain secret.
- The password is strong against brute force attacks.
- Stronger authentication systems can be created by implementing features such as two-factor authentication.
Principles of a strong password
- A strong password should:
- Be long.
- Use letters, numbers, and symbols.
- Be changed regularly.
- Never be written down.
1Computer Systems
1.1Data Representation
1.1.1Binary Numbers1.1.2Negative Binary Numbers1.1.3Hexadecimal1.1.4Using Hexadecimal1.1.5Converting Binary & Hexadecimal1.1.6Converting Denary & Hexadecimal1.1.7Capacity1.1.8Calculating Capacity Requirements1.1.9Binary in Computer Systems1.1.10Data Compression1.1.11Run Length Encoding1.1.12File Formats
1.2Data Transmission
1.3Hardware
1.3.1Elements of Computer Systems1.3.2Types of Computer System1.3.3Von Neumann Architecture1.3.4The Fetch, Decode, Execute Cycle1.3.5Factors Affecting CPU Performance1.3.6Computational Logic1.3.7Input Devices1.3.82D & 3D Scanners1.3.9Code Readers1.3.10Solid State Storage1.3.11Magnetic Storage1.3.12Examples of Magnetic Storage1.3.13Optical Storage1.3.14Examples of Optical Storage1.3.15Types of Optical disk1.3.16Storage Requirements1.3.17Translation - Compilers1.3.18Translation - Interpreters1.3.19Translation - Assemblers1.3.20Acoustic Sensors1.3.21Flow Sensors1.3.22Gas Sensors1.3.23Humidity Sensors1.3.24Infrared Sensors1.3.25Level Sensors1.3.26Light Sensors1.3.27Magnetic Field Sensors1.3.28Moisture Sensors1.3.29pH Sensors1.3.30Pressure Sensors1.3.31Proximity Sensors1.3.32Temperature Sensors1.3.33Network Hardware
1.5The Internet & its Uses
1.6Cyber Security
1.6.1Forms of Attack1.6.2Penetration Testing1.6.3Types of Malware1.6.4How Malware Spreads1.6.5Protecting Against Malware1.6.6Information Security1.6.7Structured Query Language (SQL) Injection1.6.8Firewalls1.6.9Authentication: User Access Levels1.6.10Authentication: Passwords1.6.11Social Engineering1.6.12Phishing1.6.13Denial of Service Attacks
1.7Automated & Emerging Technologies
2Algorithms, Programming & Logic
2.1Algorithm Design & Problem Solving
2.1.1Computational Thinking - Abstraction2.1.2Computational Thinking - Decomposition2.1.3Computational Thinking - Algorithmic Thinking2.1.4Pseudocode2.1.5Flow Diagrams2.1.6Interpreting, Correcting & Completing Algorithm2.1.7Correcting Algorithms2.1.8Completing Algorithms2.1.9Testing2.1.10Types of Testing2.1.11Test Plans2.1.12Validation & Sanitation2.1.13Authentication & Contingencies
2.2Programming
2.2.1Programming Fundamentals - Variables & Constants2.2.2Programming Fundamentals - Comments2.2.3Programming Fundamentals - Input & Output2.2.4Data Types2.2.5Casting2.2.6Controlling Program Flow - Sequence2.2.7Controlling Program Flow - Selection2.2.8Controlling Program Flow - Iteration2.2.9Modularity - Subroutines2.2.10Modularity - Scope2.2.11Arrays
Jump to other topics
1Computer Systems
1.1Data Representation
1.1.1Binary Numbers1.1.2Negative Binary Numbers1.1.3Hexadecimal1.1.4Using Hexadecimal1.1.5Converting Binary & Hexadecimal1.1.6Converting Denary & Hexadecimal1.1.7Capacity1.1.8Calculating Capacity Requirements1.1.9Binary in Computer Systems1.1.10Data Compression1.1.11Run Length Encoding1.1.12File Formats
1.2Data Transmission
1.3Hardware
1.3.1Elements of Computer Systems1.3.2Types of Computer System1.3.3Von Neumann Architecture1.3.4The Fetch, Decode, Execute Cycle1.3.5Factors Affecting CPU Performance1.3.6Computational Logic1.3.7Input Devices1.3.82D & 3D Scanners1.3.9Code Readers1.3.10Solid State Storage1.3.11Magnetic Storage1.3.12Examples of Magnetic Storage1.3.13Optical Storage1.3.14Examples of Optical Storage1.3.15Types of Optical disk1.3.16Storage Requirements1.3.17Translation - Compilers1.3.18Translation - Interpreters1.3.19Translation - Assemblers1.3.20Acoustic Sensors1.3.21Flow Sensors1.3.22Gas Sensors1.3.23Humidity Sensors1.3.24Infrared Sensors1.3.25Level Sensors1.3.26Light Sensors1.3.27Magnetic Field Sensors1.3.28Moisture Sensors1.3.29pH Sensors1.3.30Pressure Sensors1.3.31Proximity Sensors1.3.32Temperature Sensors1.3.33Network Hardware
1.5The Internet & its Uses
1.6Cyber Security
1.6.1Forms of Attack1.6.2Penetration Testing1.6.3Types of Malware1.6.4How Malware Spreads1.6.5Protecting Against Malware1.6.6Information Security1.6.7Structured Query Language (SQL) Injection1.6.8Firewalls1.6.9Authentication: User Access Levels1.6.10Authentication: Passwords1.6.11Social Engineering1.6.12Phishing1.6.13Denial of Service Attacks
1.7Automated & Emerging Technologies
2Algorithms, Programming & Logic
2.1Algorithm Design & Problem Solving
2.1.1Computational Thinking - Abstraction2.1.2Computational Thinking - Decomposition2.1.3Computational Thinking - Algorithmic Thinking2.1.4Pseudocode2.1.5Flow Diagrams2.1.6Interpreting, Correcting & Completing Algorithm2.1.7Correcting Algorithms2.1.8Completing Algorithms2.1.9Testing2.1.10Types of Testing2.1.11Test Plans2.1.12Validation & Sanitation2.1.13Authentication & Contingencies
2.2Programming
2.2.1Programming Fundamentals - Variables & Constants2.2.2Programming Fundamentals - Comments2.2.3Programming Fundamentals - Input & Output2.2.4Data Types2.2.5Casting2.2.6Controlling Program Flow - Sequence2.2.7Controlling Program Flow - Selection2.2.8Controlling Program Flow - Iteration2.2.9Modularity - Subroutines2.2.10Modularity - Scope2.2.11Arrays
Practice questions on Authentication: Passwords
Can you answer these? Test yourself with free interactive practice on Seneca — used by over 10 million students.
- 1What is a brute force attack?Multiple choice
- 2Which of these is true of a dictionary attack?True / false
- 3A strong password should:Fill in the list
- 4How can stronger authentication systems be developed?Multiple choice
Unlock your full potential with Seneca Premium
Unlimited access to 10,000+ open-ended exam questions
Mini-mock exams based on your study history
Unlock 800+ premium courses & e-books