Password

A password is a string of characters used to verify your user's identity during an authentication process. It enables you to pass or gain admission that allows you access to a computer, interface, or system.

While usernames are generally public information, passwords are private to each user. Most passwords are comprised of several characters, which can typically include letters, numbers, and most symbols, but not spaces.

Despite the name, there is no need for passwords to be actual words; indeed passwords which are not actual words may be harder to guess, a desirable property. Some passwords are formed from multiple words and may more accurately called a passphrase. The terms passcode and passkey are sometimes used when the secret information is purely numeric, such as the personal identification number (PIN) commonly used for ATM access. Passwords are generally short enough to be easily memorized and typed, although they may be longer and more complex if the user wishes to be more secure.

Passwords in military and espionage have long used not just a password, but a password and a counter-password for identification.

Password cracking is the art of obtaining the correct password that gives access to a system protected by an authentication method.

The ability to crack passwords using computer programs is also a function of the number of possible passwords per second which can be checked. If a hash of the target password is available to the attacker, this number can be in the billions or trillions per second, since an offline attack is possible.

Typically a nine-character passwords takes five days to break, 10-character words takes four months, and 11-character passwords takes 10 years. Make it up to 12 characters, and you're looking at up to 200 years' worth of security.

Nonetheless, a password-cracking expert has recently unveiled a computer cluster that can cycle through as many as 350 billion guesses per second. It's an almost unprecedented speed that can try every possible Windows passcode in the typical enterprise in less than six hours.

To generate a strong password you must mix meaningless words, numbers and symbols randomly, and at least 15 in length (mix uppercase and lowercase). Actually, strongest password equals to hardest remember password, for example: “E7r9t8@Q#h%Hy+M”.

That’s why some companies enforced password duration policies for decades, many security guidelines also recommended frequent password changes, usually every 30 and 180 days. Windows Servers had a default of 42 days, however, in most cases, these may now be outdated policies or recommendations.

A growing body of research suggests that frequent password changes make security worse. As frequent password changes do little to improve security and very possibly make security worse by encouraging the use of passwords that are more susceptible to cracking.

Stealing your passwords; collecting your private information; and snooping on your activities, are all ways that keylogging programs and devices can be used for ill-gotten gain.

Keyloggers themselves are not inherently malicious. They’re used by businesses to monitor employees and security, and by parents to check on their kids’ safety. But when they are used nefariously, victims can find their bank accounts emptied and their identity stolen.

A keylogger is simply a program or device that logs keystrokes you make on your device. However, those used by fraudsters are also Trojan horses, which hide on your system and send information back to a third party.

Keyloggers wind up on devices like any other malware via attachments in phishing emails, malicious downloads and webscripts. It then sends the stolen data to a remote location, usually via an unsecured port in your internet connection. As anti-virus software and operating systems become more effective at dealing with these kinds of exploits, data thieves are of course developing new ones and millions of devices are carrying them as we speak.

Remember, it is not an impossible task to break into a locked device. What’s required is to sift through some applications and tools which can serve the purpose.

Encryption can help keep your data safe. Many up-to-date phones are encrypted by default. If your Android device isn't encrypted by default, and is using Android 4.1 and up, you can choose to encrypt the data on your device.

iOS is safer than Android (for now) however, it's safe to assume that since Apple does not make APIs available to developers, the iOS operating system has fewer vulnerabilities, nonetheless, iOS isn't 100% invulnerable.

Using mobile phone tracking apps is the most well-known method of hacking someone's smartphone. If you suspect you're hacked or being tracked using your device, disabling any of these features can help prevent tracking and access.

• Turn off your data connection and Wi-Fi radios on your phone...
• Disable your GPS radio...
• Shut the phone down completely and remove the battery.

Food for thought!