Cracking computer passwords is easier than you might think

Danny Bradbury
Province

You may think that your online information is safe, but in reality it’s only as safe as the password you use.

That handful of characters is all that stands between an online criminal and the contents of your EBay, Amazon or online banking account. How can you make sure that it doesn’t get compromised?

Short passwords are possibly the worst kind to use, because they are relatively easy to crack in what security experts call a brute force attack. Even the most basic modern desktop computers have enough processing power to guess passwords simply by trying different combinations of letters repeatedly. The fewer letters there are in a word, the more likely it is to be cracked.

Using real words (rather than random collections of letters and numbers that don’t mean anything) is also dangerous. Software exists that uses ‘dictionary attacks’ against passwords, running through hundreds of thousands of words in the English language on the assumption that people want to use a word they will remember. Somehow, ‘8uiklg5ybs’ just doesn’t stick in a person’s memory, whereas the name of their pet does.

“Either make up a scheme to generate good passwords, or use a random password generator,” says Will Whittaker, security expert and organizer of the CanSec West electronic security conference that takes place in Vancouver at the end of March. But don’t be tempted to use that password for everything. If it is compromised, thieves could use it to pilfer everything, including webmail accounts, banking sites, and e-commerce services.

Another option is to use pass phrases rather than passwords. Using a combination of words meaningful only to you (such as a line buried deep in your favourite book, for example, or some other mantra that you keep private) can create a long enough security key to thwart even the most determined attacker.

Such techniques may seem paranoid, but in an age when identity theft is a growing threat, some basic precautions could save you an awfully big headache in the future.

© The Vancouver Province 2008

This entry was posted on Wednesday, March 12th, 2008 at 12:00 pm and is filed under Technology Related Articles. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.