Our Blog Page Page Icon  

Our Blog.

Humans writing words that span topics from support to design to content management and beyond!

 

Resist Brute Force Attacks by Choosing Strong Passwords

 

There's a common but potentially devastating cyber security misconception among small businesses. This is the small fish in a big pond argument that a small business is just one target out of millions of businesses. This implies that they benefit from a safety in numbers, especially when there are much bigger and more tempting businesses for hackers to target.

 

However, this argument doesn't hold up because small businesses don't have the security resources of large businesses. This makes them much easier and more attractive to hack. Hackers also use software to locate targets according to varying criteria, many of which have to do with security vulnerabilities. If a target looks promising, hacking attempts will be made, regardless of business size. And it only takes a few months, at the most, for the software used by hackers to find a website. The huge numbers of hackers and their sophisticated technology means there's no safety in numbers.

 

Another fact to consider is that at least one type of hacking, called brute force, is easy to do and requires little more than an ability to follow instructions. You need only download a free network cracking tool such as Hydra and some quality word lists, and you're set to go. Brute force hacking is considered a script kiddie method. This low barrier to entry is a big reason for the proliferation of hackers.

 

When you successfully hack a business site and obtain data, converting it into cash is also convenient because of the many data black markets where you can find others who will buy what you have. Many data black markets operate in a similar way to eBay.

 

How Brute Force Hacking Works

 

Brute force software essentially tries to guess passwords at a login page by using all possible combinations of characters until one combination works. This can take a very long time for lengthy passwords and isn't practical. However, for short passwords of a few characters it's very feasible. The advantage of this method is that, with sufficient guessing, it always works.

 

However, many hackers only use this method as a last resort after word list or dictionary attacks have failed. A word list (or dictionary) attack tries commonly used passwords (such as 1234, qwerty, etc.) as well as common words and names people place in their passwords. This modified brute force method cracks passwords quickly, provided they are common or are built up from words. Commonly used number prefixes and suffixes may also be appended to word based guesses, since people often do this when making up a password, such as 123mypassword.

 

 

Protecting Your Business From Brute Force Hacking Methods

 

What the above clearly reveals is that long and random passwords are unhackable because they would take too long to break. Extremely long passwords might require hundreds of years. In addition, your login page should lock out users for a few hours after a certain number of failed login attempts.

 

An easy way to generate long memorable passwords is to use the first letter of each word of a long sentence. Choose a sentence that only has meaning to you. Include numbers in your sentence such as "2 people 8 3 slices of bread," where 8 means "ate". Special characters can be used as word substitutes (@ means "at," # means "number," etc). Your password should be at least 12 to 14 characters long, but longer if possible. If you have any comments or questions, don't hesitate to contact us.

add a comment
Subscribe to this Blog Like on Facebook Tweet this! Share on Google+ Share on LinkedIn

Contributors

Contributor Portrait
Brad Anderson
84
August 16, 2018
show Brad's posts
Contributor Portrait
Rob Matlow
80
September 5, 2017
show Rob's posts
Contributor Portrait
Todd Hannigan
46
June 19, 2017
show Todd's posts
Contributor Portrait
Sean Sanderson
62
May 8, 2017
show Sean's posts
Contributor Portrait
Christine Votruba
22
April 20, 2017
show Christine's posts
Contributor Portrait
Matt Stern
3
March 22, 2017
show Matt's posts
Contributor Portrait
Sean McParland
16
January 23, 2017
show Sean's posts
Contributor Portrait
Ryan Covert
47
August 4, 2016
show Ryan's posts

Latest Posts

Show All Recent Posts

Archive

Tags

Everything Content Management Technology Design Holidays Off Topic Support New Features Personal Gaming New Clients SEO REM News Project Management Account Management Training Marketing
 
Home Our Work Our Team Our Services WebWiz@rd™ Support Contact Us  

OUR ADDRESS

72 St Leger Street, Unit 2

Kitchener, ON, N2H 6R4

P: 519 884 4111 | TF: 1 866 754 4111 sales@remwebsolutions.com

 

Footer bullet Client Centre Login

 

Accessibility & Compliance Privacy Policy
 
 
© Copyright 2018 REM Web Solutions. All Rights Reserved.
Web Design and Content Management by REM Web Solutions.
 
FaceBook Twitter Linked In YouTube Google Plus Instagram our blog