Time
8 hours 53 minutes
Difficulty
Beginner
CEU/CPE
11

Video Transcription

00:01
next. Let's look at password cracking.
00:05
So
00:06
how do militias Attackers figure out? Uses passwords?
00:10
Well, they can try variety of techniques.
00:13
A brute force attack says. Just try every possible combination of characters until you hit on the right one
00:21
Dictionary attacks.
00:23
Instead of just trying random characters, try words in the dictionary and obvious permutations.
00:29
Now, if you look at those two examples,
00:32
uppercase P at SS W. Zero RD might seem like a really clever password
00:38
because it's fairly easy to remember.
00:40
But the AI is replaced by
00:43
the at symbol
00:45
he always replaced by zero.
00:47
So you have a what's called a complex password. There's also an uppercase P and lower case letters in there,
00:53
but unfortunately, that's a very common combination that people come up with.
00:58
So that wouldn't be a good idea for a password.
01:00
Well, look, att Hello, one
01:03
that attempts to be a complex password because it has both letters and a number in it.
01:07
But frequently, when people add a number into their password, it is the number one
01:14
on the first part of it is a word in the dictionary, so that's not particularly clever either.
01:21
Another way hackers can get two passwords is to look to see if users have written it down somewhere.
01:27
So if a malicious user gets to your desk, for example,
01:32
they could look around on the desk, See if you Britain the password, like I said, you know, somewhere not very obvious, like under the keyboard, onto the mouse mat or in your top drawer, or even stuck up on the monitor or left lying around on a piece of paper.
01:47
So to guard against possible attacks,
01:49
users should be forced through policy to choose complex passwords. And by complex, we mean a mixture of lower case uppercase nono, non alphanumeric characters and numbers.
02:04
We should ensure users do not use names
02:07
like
02:07
people often tempted to use the name of their spouse there partner
02:12
their child, their pet,
02:14
their favorite movie star. And so on,
02:16
Um, or any words in the dictionary
02:21
do not use the same password for multiple. Resource is this is a very common problem now because
02:28
were now expected to log on to hundreds of different websites in the normal course of activity,
02:34
and you have to supposedly coming up with a different password for each website and each resource you connect to.
02:42
Problem is, of course, if somebody discovers your password,
02:45
they now have access to everything that uses that password.
02:49
So it's a good practice to have unique passwords for everything you connect to.
02:53
And finally never write down your password or disclose your password to anyone else.

Up Next

CompTIA IT Fundamentals

The CompTIA IT Fundamentals certification is aimed at people considering a career change to IT. The course will prepare you to take the CompTIA IT Fundamentals exam. If you are new to IT this course is prerequisite knowledge that allows you to tackle the more advanced A+ and Network+ CompTIA certifications that many IT professionals hold.

Instructed By

Instructor Profile Image
Ali Wasti
Instructor