Password security. A topic that concerns us almost every day. After all, all our accounts are protected by passwords. Our data is behind passwords. Accesses are password-protected. Software works via activation codes. Money transfers too. Number and letter codes – i.e. passwords – are everywhere. But when are they really secure?
Password security as a security vulnerability
Although the password is supposed to provide security and protect data, it is actually one of the biggest security gaps in data protection. We are talking about weak and strong passwords. There are better and worse passwords, but they all have one thing in common: none of them offer complete security.
In fact, over 80 percent of cybercrime is achieved via passwords. These are not necessarily weak passwords. Passwords are always vulnerable. A password is always a sequence of characters that does not change. Unless you change the password.
However, a static character string can inevitably be found out. It takes longer with strong passwords than with weak passwords, but they can all be cracked.
Of course, anyone can quickly find out a password like “12345”. But even a password like “ferwufh8erHFH)(ESHFSADHFjhfj9r80” consists of a fixed string of characters that can be figured out over a longer period of time. In case of doubt, character by character.
With modern technologies in particular, it is possible to read passwords or decrypt data. Actual password security therefore does not exist.
In addition, the users themselves are responsible for security gaps. Passwords that are used for multiple accounts are a major security risk. However, passwords have the major disadvantage that you have to remember them. And this becomes more difficult the more complex the passwords become and the more passwords there are. One password for all accounts that you can remember is easier than twelve passwords for twelve accounts, none of which you can remember.
How hackers crack passwords
We have already mentioned a few ways to crack a password. But let’s go into more detail. Hackers use special software that can figure out passwords. These technologies go through individual characters and, hit by hit, ensure that the password is revealed.
A password can also be easily calculated by using certain algorithms. For example, hackers can search for password combinations that they think are related to you. Let’s say you use your date of birth and one or two letters as your password. An attacker could have an algorithm search for the number combination of your date of birth together with two letters and the password would be delivered.
Of course, it is more difficult to find complex passwords. Even with an algorithm. However, this is also only a matter of time. If a hacker wants to figure out a password, he will figure it out.
A natural thought now is that this doesn’t have to affect everyone, because what does a hacker want to do with my data? But data always has a use. Attackers don’t necessarily use it to enrich themselves. It can also be just for the fun of annoying someone with a hack. And a hack can be incredibly annoying.
It is therefore better to prevent hacks directly. One way to do this is to use two-factor authentication with an authenticator. The codes required to log in via the authenticator are changed every 30 seconds. It is therefore virtually impossible to hack them and even if you do, you won’t be able to do anything with them after 30 seconds.
Conclusion
Passwords are never completely secure. That is why it is important to protect yourself several times over. Even complex passwords can inevitably be cracked. Hackers do not explicitly target only large corporations or companies. Small and medium-sized companies are particularly affected, as they are often easier targets. Private individuals are not safe either. Data is always a target for hackers. Where and from whom this data originates is of secondary importance. Weak password security does not stop them.