Tuesday, 19 July 2016
Apart from knowing the best methods to create a strong
password, one should also be aware of the techniques used by hackers to crack
them. The recent torrent of massive data breaches has made the jobs of hackers
even easier as they are able to access the dumped data easily. In an explainer
video, YouTube channel Computerphile explains the process of password cracking
and the mistakes one commits while creating a new password.
Password
storage and its encryption is a common question that’s often discussed in the
cyber security world. At many occasions, when people mention encrypted
passwords, they really mean hashed passwords. Unlike encryption, a password
that’s undergone the hashing process, can’t be reversed using the same key.
However,
thanks to the leaked password hashes on the file-sharing websites and dark web,
our passwords are less secure than ever. Some of the latest data breaches
affected millions of LinkedIn and TalkTalk users.
For
a hacker, getting access to these password hashes, extracting real passwords
and using them to compromise the online accounts isn’t a tough task. Using the
same technique, the hackers are now increasingly targeting the social media
accounts of technology CEOs–Mark Zuckerberg, Jack Dorsey, Marissa Mayer–and
Hollywood celebrities.
Well,
even if you are using a super safe password that has been created using some
advanced techniques, these massive breaches have made them unsafe.
This
process has been explained in an exceptional manner by the YouTube channel
Computerphile.
https://www.youtube.com/watch?v=7U-RbOKanYs&feature=youtu.be
This
cracking video shows a deep learning beast that uses 4 NVIDIA GPUs and a
password cracking tool called Hashcat. Hashcat lets you do different types of
password cracking. Thanks to these GPUs, Hashcat takes billions of plain-text
passwords and hashes them using MD5 at a rate of 40 billion per second.
The
presenter explains the process in detail and tells you the best practices that
should be adopted while creating a new password. It’s always good to avoid
small combinations and dictionary words in your password. I’ll also suggest you
to keep changing your passwords from time-to-time.
