Having a strong password for every application you use is crucial, as hackers can easily decipher basic passwords in minutes. A recent demonstration by an engineer showed how simple it is to hack into a user's account if they use a simple password. In this short, three-minute YouTube video, it took the engineer 2 minutes and 28 seconds to guess the password "superman," giving him complete access to the wireless connection by brute forcing its password.
What steps were used to brute-force the password?
The engineer installed KaliHunter on his Android phone and launched a functionality called Wifite. He then selected a wireless connection and used Wifite to automate discovering, cracking, and logging into the network. He exchanged information, including the device's MAC address, the wireless network's SSID, and the network's password (encryption key). In a matter of minutes, the password "superman" was successfully guessed.
Here is the 3-minute YouTube short showing how the white-hat hacker did it.
This is only one way hackers can attack your systems. Follow these password guidelines to prevent hackers from accessing your personal data.
- Infiniwiz warns against using the same password repeatedly on the websites you use. If your password is ever stolen and you use it frequently, hackers will have no trouble accessing the information on other websites.
- Passwords should have a minimum of 12 characters and include upper/lower case letters, digits, and special characters. While 9-10 characters should be enough, processing rates at least double every year, allowing hackers to "brute force" passwords faster. Choosing 12 characters will ensure you don't have to repeat the same practice in five years.
- Remembering complex passwords without duplicating them is impossible, so use a password management software like 1password.com.
- A word preceded or followed by a single number should also be avoided (e.g., Password1). Hackers will try guessing your password using word lists and popular passwords.
- Avoid using details in your password that could be known about you or found in your social media accounts (such as birthdays, the names of family members, hobbies, etc.).
- Avoid using a system to create passwords based on vendor or otherwise. For example, if you're creating a password for Amazon.com, making the password a1m1a1z1o1n1 will not help you.
Our job is to help companies create more unified business functions, improve customer service, and utilize technology to move forward. Chicago-experienced IT consulting experts will make your technology work for you and keep you from spending endless, frustrating hours managing your business IT. Managed IT is when the Infiniwiz team proactively takes care of all the IT headaches and hassles for you…So you can get done on your "to-do" list – like growing the business!