Essay Example on Password authentication is the most common Authentication








Password authentication is the most common authentication method and, in theory, can be very successful at protecting yourself and your company against cyber threats. Passwords are simply a secret combination of words and numbers, usually known only to an individual, used to validate his identity. They are commonly required to be accompanied by a username for further identity validation. However, according to a recent report, 81% of data breaches were exploited through weak and/or stolen passwords (Verizon, 2017). This unveils the underlying issue that password authentication can have: many users are using passwords that are too short and/or predictable. A 2016 study involving a team analysing over 10 million passwords on the web discovered that 17% of users had "123456" for their password. Furthermore, they published a list of the most common passwords, most of which were either too short or had far too predictable patterns, such as "qwerty" (Guccione, 2018).

Hostile forces are therefore given the opportunity to exploit the fact that most businesses are vulnerable to a cyber attack. Businesses cannot simply hope they are not targeted by hostile elements by staying beneath the radar, since most hackers are opportunistic and can exploit your vulnerability at any time. For a business to simply implement a password authentication system is clearly not enough, but countermeasures and restrictions are easily available to force users into creating stronger passwords. Hackers use a variety of different tools and methods to crack passwords, which are as follows:

The single crack uses certain keywords, such as directory names, usernames or full names, as its dictionary to try and crack your password. It is therefore recommended to add certain numbers and a combination of cases at the start and end of your password.

Brute force attackers have no real strategy to get your password and simply rely on generating as many keyboard combinations as possible to crack it. Long passwords are mostly immune to this form of attack, as it would be impractical for the attacker due to the time it would take. However, many users use short passwords, which could easily be retrieved. The diagram was created to demonstrate the number of possible combinations needed to generate the correct password in accordance with the password length. This is done by calculating the number of valid keys on the keyboard, which is 96 (upper and lower case); 96^n (n = password length) gives the number of combinations. To easily safeguard a business from this form of attack, you can add a minimum length restriction, which is recommended to be 14 characters; this provides a balance of memorability and security (LLC, 2018). Having a lockout system is also possible, which locks the account for a time limit after a certain number of attempts, although this is not recommended as it may lock out genuine users.

A dictionary attack attempts to crack passwords using normal dictionary words to find a match. This puts at risk users who often use words such as "cat" or "fish" as their password. This can be easily countered by requiring the user to add a combination of numbers and upper and lower case letters.

The first screenshot shows a sample of passwords that I set and the cracking modes I used to attempt to crack them. I used the John the Ripper tool to crack the passwords that I set. Test 1 used the single crack mode and was cracked relatively quickly due to the limited number of words it has to run through. Test 2 used the dictionary word list mode and was also quickly cracked. This tells us that strong passwords involve multiple words and numbers, and also should not be words such as directory names, addresses, etc.
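The countermeasures above (a 14-character minimum, no common or account-derived words, mixed character classes) and the 96^n keyspace can be expressed as a small check at account creation. This is an added example, not part of the original essay; the function names, the sample common-password set and the guessing rate passed to `years_to_exhaust` are assumptions made for illustration.

```python
import re

# Constructed sample list; the essay names "123456", "qwerty", "cat" and "fish".
COMMON_PASSWORDS = {"123456", "qwerty", "password", "cat", "fish"}
KEYS = 96        # keyboard symbols counted by the essay
MIN_LENGTH = 14  # minimum length the essay recommends


def keyspace(length, keys=KEYS):
    """Number of candidate passwords of exactly `length` characters (keys**length)."""
    return keys ** length


def years_to_exhaust(length, guesses_per_second):
    """Worst-case time to try every candidate at an assumed guessing rate."""
    return keyspace(length) / guesses_per_second / (365 * 24 * 3600)


def policy_violations(password, username, full_name):
    """Return the reasons to reject a candidate password (empty list = accepted)."""
    problems = []
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if lowered in COMMON_PASSWORDS:
        problems.append("common_password")
    # Single-crack style guesses are built from account details, so reject
    # passwords containing the username or any part of the full name.
    account_text = f"{username} {full_name}".lower()
    tokens = [t for t in re.split(r"\W+", account_text) if len(t) >= 3]
    if any(t in lowered for t in tokens):
        problems.append("contains_account_details")
    # Require lower case, upper case and a digit, as the essay suggests.
    if not all(re.search(c, password) for c in (r"[a-z]", r"[A-Z]", r"[0-9]")):
        problems.append("missing_character_class")
    return problems


if __name__ == "__main__":
    for candidate in ("123456", "JohnSmith2018!!", "Tidal7Marble-Quartz"):
        print(candidate, policy_violations(candidate, "jsmith", "John Smith"))
    print("6 chars :", years_to_exhaust(6, 1e10), "years at 1e10 guesses/s")
    print("14 chars:", years_to_exhaust(14, 1e10), "years at 1e10 guesses/s")
```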

On the other hand, the brute force incremental mode was not able to crack the password. It was simply too slow at going through all the combinations to get the password. Hackers may have more time and faster hardware, and it is therefore important for a business to ensure the password length is long enough for the hacker to give up trying to crack it. This becomes more important as time goes on, as more sophisticated machines with faster GPUs and CPUs would crack longer passwords faster.

Rather than trying to crack passwords, hackers may decide to gain access to the database on a server, revealing all the passwords stored on the hard drive in plain sight. This is concerning as it leaves everyone's details stored on the server at the fingertips of a hostile entity. Hashing algorithms help conceal passwords as binary digits, adding a layer of protection for the password. When creating an account, the password entered by the user goes through a hashing algorithm, and the result is stored on the server as binary digits. Whenever the user then tries to log in, the password goes through the hashing algorithm again and the result is compared to the hash in the database. If the hashes match, the user gains access. Hashing can be useful for a business, as a breach in security on the database does not immediately reveal all the passwords, only a list of hashes.
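The register-then-compare flow described above, as an added example that is not part of the original essay. It goes beyond the essay in two labelled ways: each record gets a random salt, and the hash is the deliberately slow PBKDF2-HMAC-SHA256, so that a stolen list of hashes is expensive to run through a cracking tool. The `UserStore` class and the iteration count are assumptions for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor for this example; tune to your hardware


def hash_password(password, salt=None):
    """Return (salt, digest); a fresh random salt is generated when none is given."""
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


class UserStore:
    """In-memory stand-in for the server's credential table (hypothetical)."""

    def __init__(self):
        self._records = {}  # username -> (salt, digest); the password is never kept

    def register(self, username, password):
        self._records[username] = hash_password(password)

    def verify(self, username, password):
        record = self._records.get(username)
        if record is None:
            return False
        salt, stored = record
        # Re-hash the login attempt with the stored salt and compare the results.
        _, candidate = hash_password(password, salt)
        return hmac.compare_digest(candidate, stored)  # constant-time comparison

    def dump(self):
        """What an intruder reading the table would see: salts and digests only."""
        return dict(self._records)


if __name__ == "__main__":
    store = UserStore()
    store.register("alice", "Tidal7Marble-Quartz")
    print(store.verify("alice", "Tidal7Marble-Quartz"))  # True
    print(store.verify("alice", "123456"))               # False
```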
