1.6.10
Authentication: Passwords
Cracking Passwords
Cracking Passwords
Many hackers focus their attention on cracking passwords to overcome authentication mechanisms.
Cracking passwords
Cracking passwords
- Authentication is the name for any methods which allow users to prove that an account is theirs.
- The most common authentication method is using a password.
- Many hackers want to find people's passwords, so that they can gain access to accounts:
- Finding people's passwords is called cracking the password.
The brute force attack
The brute force attack
- A brute force attack tries to crack a password by trying every single combination of letters and numbers until the correct one is found.
- This can take a very long time, although special software is used to do this which makes it possible to make millions of attempts per second.
The dictionary attack
The dictionary attack
- A quicker form of the brute force attack is the dictionary attack.
- Rather than attempting every single combination, a dictionary attack tries words from a predetermined list:
- A common dictionary to use would be a list of common passwords.
Protection against cracking
Protection against cracking
- Writing a network policy which enforces strong passwords can protect against dictionary attacks.
- Using two-factor authentication can prevent the hacker from logging in, even if they have the password.
- Restricting the number of failed password attempts before an account is 'locked' for a fixed period of time can deter hackers.
Passwords
Passwords
Passwords are one method of providing authentication.
Purpose of passwords
Purpose of passwords
- Passwords help to prevent unauthorised users from accessing a device or network.
- Passwords are one of the simplest authentication methods.
Issues with passwords
Issues with passwords
- Passwords are only effective if:
- They remain secret.
- The password is strong against brute force attacks.
- Stronger authentication systems can be created by implementing features such as two-factor authentication.
Principles of a strong password
Principles of a strong password
- A strong password should:
- Be long.
- Use letters, numbers, and symbols.
- Be changed regularly.
- Never be written down.
1Computer Systems
1.1Data Representation
1.1.1Binary Numbers
1.1.2Negative Binary Numbers
1.1.3Hexadecimal
1.1.4Using Hexadecimal
1.1.5Converting Binary & Hexadecimal
1.1.6Converting Denary & Hexadecimal
1.1.7Capacity
1.1.8Calculating Capacity Requirements
1.1.9Binary in Computer Systems
1.1.10Data Compression
1.1.11Run Length Encoding
1.1.12File Formats
1.2Data Transmission
1.3Hardware
1.3.1Elements of Computer Systems
1.3.2Types of Computer System
1.3.3Von Neumann Architecture
1.3.4The Fetch, Decode, Execute Cycle
1.3.5Factors Affecting CPU Performance
1.3.6Computational Logic
1.3.7Input Devices
1.3.82D & 3D Scanners
1.3.9Code Readers
1.3.10Solid State Storage
1.3.11Magnetic Storage
1.3.12Examples of Magnetic Storage
1.3.13Optical Storage
1.3.14Examples of Optical Storage
1.3.15Types of Optical disk
1.3.16Storage Requirements
1.3.17Translation - Compilers
1.3.18Translation - Interpreters
1.3.19Translation - Assemblers
1.3.20Acoustic Sensors
1.3.21Flow Sensors
1.3.22Gas Sensors
1.3.23Humidity Sensors
1.3.24Infrared Sensors
1.3.25Level Sensors
1.3.26Light Sensors
1.3.27Magnetic Field Sensors
1.3.28Moisture Sensors
1.3.29pH Sensors
1.3.30Pressure Sensors
1.3.31Proximity Sensors
1.3.32Temperature Sensors
1.3.33Network Hardware
1.5The Internet & its Uses
1.6Cyber Security
1.6.1Forms of Attack
1.6.2Penetration Testing
1.6.3Types of Malware
1.6.4How Malware Spreads
1.6.5Protecting Against Malware
1.6.6Information Security
1.6.7Structured Query Language (SQL) Injection
1.6.8Firewalls
1.6.9Authentication: User Access Levels
1.6.10Authentication: Passwords
1.6.11Social Engineering
1.6.12Phishing
1.6.13Denial of Service Attacks
1.7Automated & Emerging Technologies
2Algorithms, Programming & Logic
2.1Algorithm Design & Problem Solving
2.1.1Computational Thinking - Abstraction
2.1.2Computational Thinking - Decomposition
2.1.3Computational Thinking - Algorithmic Thinking
2.1.4Pseudocode
2.1.5Flow Diagrams
2.1.6Interpreting, Correcting & Completing Algorithm
2.1.7Correcting Algorithms
2.1.8Completing Algorithms
2.1.9Testing
2.1.10Types of Testing
2.1.11Test Plans
2.1.12Validation & Sanitation
2.1.13Authentication & Contingencies
2.2Programming
2.2.1Programming Fundamentals - Variables & Constants
2.2.2Programming Fundamentals - Comments
2.2.3Programming Fundamentals - Input & Output
2.2.4Data Types
2.2.5Casting
2.2.6Controlling Program Flow - Sequence
2.2.7Controlling Program Flow - Selection
2.2.8Controlling Program Flow - Iteration
2.2.9Modularity - Subroutines
2.2.10Modularity - Scope
2.2.11Arrays
Jump to other topics
1Computer Systems
1.1Data Representation
1.1.1Binary Numbers
1.1.2Negative Binary Numbers
1.1.3Hexadecimal
1.1.4Using Hexadecimal
1.1.5Converting Binary & Hexadecimal
1.1.6Converting Denary & Hexadecimal
1.1.7Capacity
1.1.8Calculating Capacity Requirements
1.1.9Binary in Computer Systems
1.1.10Data Compression
1.1.11Run Length Encoding
1.1.12File Formats
1.2Data Transmission
1.3Hardware
1.3.1Elements of Computer Systems
1.3.2Types of Computer System
1.3.3Von Neumann Architecture
1.3.4The Fetch, Decode, Execute Cycle
1.3.5Factors Affecting CPU Performance
1.3.6Computational Logic
1.3.7Input Devices
1.3.82D & 3D Scanners
1.3.9Code Readers
1.3.10Solid State Storage
1.3.11Magnetic Storage
1.3.12Examples of Magnetic Storage
1.3.13Optical Storage
1.3.14Examples of Optical Storage
1.3.15Types of Optical disk
1.3.16Storage Requirements
1.3.17Translation - Compilers
1.3.18Translation - Interpreters
1.3.19Translation - Assemblers
1.3.20Acoustic Sensors
1.3.21Flow Sensors
1.3.22Gas Sensors
1.3.23Humidity Sensors
1.3.24Infrared Sensors
1.3.25Level Sensors
1.3.26Light Sensors
1.3.27Magnetic Field Sensors
1.3.28Moisture Sensors
1.3.29pH Sensors
1.3.30Pressure Sensors
1.3.31Proximity Sensors
1.3.32Temperature Sensors
1.3.33Network Hardware
1.5The Internet & its Uses
1.6Cyber Security
1.6.1Forms of Attack
1.6.2Penetration Testing
1.6.3Types of Malware
1.6.4How Malware Spreads
1.6.5Protecting Against Malware
1.6.6Information Security
1.6.7Structured Query Language (SQL) Injection
1.6.8Firewalls
1.6.9Authentication: User Access Levels
1.6.10Authentication: Passwords
1.6.11Social Engineering
1.6.12Phishing
1.6.13Denial of Service Attacks
1.7Automated & Emerging Technologies
2Algorithms, Programming & Logic
2.1Algorithm Design & Problem Solving
2.1.1Computational Thinking - Abstraction
2.1.2Computational Thinking - Decomposition
2.1.3Computational Thinking - Algorithmic Thinking
2.1.4Pseudocode
2.1.5Flow Diagrams
2.1.6Interpreting, Correcting & Completing Algorithm
2.1.7Correcting Algorithms
2.1.8Completing Algorithms
2.1.9Testing
2.1.10Types of Testing
2.1.11Test Plans
2.1.12Validation & Sanitation
2.1.13Authentication & Contingencies
2.2Programming
2.2.1Programming Fundamentals - Variables & Constants
2.2.2Programming Fundamentals - Comments
2.2.3Programming Fundamentals - Input & Output
2.2.4Data Types
2.2.5Casting
2.2.6Controlling Program Flow - Sequence
2.2.7Controlling Program Flow - Selection
2.2.8Controlling Program Flow - Iteration
2.2.9Modularity - Subroutines
2.2.10Modularity - Scope
2.2.11Arrays
Unlock your full potential with Seneca Premium
Unlimited access to 10,000+ open-ended exam questions
Mini-mock exams based on your study history
Unlock 800+ premium courses & e-books