Javatpoint Logo
Javatpoint Logo

Defend against Password Cracking

The key line of defense is preventing your password from being cracked by hackers. The users and organization can use the following two ways to minimize the password cracking risk:

Password policies

The front line of defense is password policies. Password policies describe the set of rules to improve the security of a user's password by compelling or motivating users to create strong or safe passwords. The events of the password lifecycle like expiration, periods reset, and authentications are governed by password policies. Some policies of passwords provide advisory and best practices for the user. Some sites are using programming rules so that the users adhere to the policy. If the site has complicated criteria to create a password, and users are required to spend time, user frustration will arise. If you provide a password policy, which has guidelines and certainty for the user, it will help mitigate the frustration level of users. The examples of password policy are as follows:

Longer password: To substantially improve your password or security, you should create a longer password and passphrases. However, if the password regularly appears in the cracking dictionary, you should avoid that type of password and avoid the longer passwords that have been compromised previously.

Personal details: The password policy tells the user to not use any personal details or not use any link related to personal details while creating the password. Most users use their personal details while creating a password like pets, hobbies, DOB, account number, etc. A hacker will create the password combination using the personal details if they have access to see your personal information by social media. The password entered by the users should be checked to make sure that they don't include any basic information as login information or the name of the user.

Use different passwords: The different accounts should have different passwords. The password policies require users to enter different passwords for different accounts. It would be best if you did not use the same passwords for all your online accounts. The user should have distinct passwords, either working in the same department or using the same equipment.

Adopt passphrases: You should use passphrases like a standard. Policies of password require to create passphrases by the users as opposed to a password. The purpose of passphrases is the same. They have a large length; that's why it is harder to crack the passphrases. Numbers, letters and symbols should be included in an effective passphrase. It is easy for users to remember passphrases as compare to passwords.

Discourage sharing: The password should not be shared, and it is meant to be personal should be specified by the password policies. The adoption of 2FA (two-factor authentication) is another password policy. In the 2FA, a user should present two pieces of evidence: a password and a temporary code sent to the email or cellphone or other methods before login into the account.

Password screening

If you screen a dictionary attack against compromised passwords and a dictionary password list, it will become the best way to prevent dictionary attacks. Compromised password screens are used to collect the compromised data from a dark web source and the internet, and then it will determine the password which is trying to create by the user has been compromised. The tools of password screening work by checking the username's partial hash, password at login, setup of password, and reset. E-commerce companies and consumer sites use password screening to detect and prevent users from hackers who use previously compromised credentials.

Next TopicMagecart attack




Youtube For Videos Join Our Youtube Channel: Join Now

Feedback

Help Others, Please Share

facebook twitter pinterest

Learn Latest Tutorials

Splunk tutorial

Splunk
SPSS tutorial

SPSS
Swagger tutorial

Swagger
T-SQL tutorial

Transact-SQL
Tumblr tutorial

Tumblr
React tutorial

ReactJS
Regex tutorial

Regex
Reinforcement learning tutorial

Reinforcement Learning
R Programming tutorial

R Programming
RxJS tutorial

RxJS
React Native tutorial

React Native
Python Design Patterns

Python Design Patterns
Python Pillow tutorial

Python Pillow
Python Turtle tutorial

Python Turtle
Keras tutorial

Keras

Preparation

Aptitude

Aptitude
Logical Reasoning

Reasoning
Verbal Ability

Verbal Ability
Interview Questions

Interview Questions
Company Interview Questions

Company Questions

Trending Technologies

Artificial Intelligence

Artificial Intelligence
AWS Tutorial

AWS
Selenium tutorial

Selenium
Cloud Computing

Cloud Computing
Hadoop tutorial

Hadoop
ReactJS Tutorial

ReactJS
Data Science Tutorial

Data Science
Angular 7 Tutorial

Angular 7
Blockchain Tutorial

Blockchain
Git Tutorial

Git
Machine Learning Tutorial

Machine Learning
DevOps Tutorial

DevOps

B.Tech / MCA

DBMS tutorial

DBMS
Data Structures tutorial

Data Structures
DAA tutorial

DAA
Operating System

Operating System
Computer Network tutorial

Computer Network
Compiler Design tutorial

Compiler Design
Computer Organization and Architecture

Computer Organization
Discrete Mathematics Tutorial

Discrete Mathematics
Ethical Hacking

Ethical Hacking
Computer Graphics Tutorial

Computer Graphics
Software Engineering

Software Engineering
html tutorial

Web Technology
Cyber Security tutorial

Cyber Security
Automata Tutorial

Automata
C Language tutorial

C Programming
C++ tutorial

C++
Java tutorial

Java
.Net Framework tutorial

.Net
Python tutorial

Python
List of Programs

Programs
Control Systems tutorial

Control System
Data Mining Tutorial

Data Mining
Data Warehouse Tutorial

Data Warehouse