Hackers are not those people those live behind your computer wearing black masks as shown in Google images. They can be one of those guys who we often hangout with and those who we see around daily. Because hacking is not just injecting some piece of crap code into our computer and spying our usernames & passwords, it also involves some types of guessing techniques along with some possible permutations and combinations.
In this article, I’m going to show you how easy can your passwords be guessed and hacked. This article is not for hackers but meant for those who sets weak passwords to their internet accounts and consider them safe. It is to make them realize the vulnerability they are getting themselves into.
Before we start, I would like you to consider the threat from people around us also. The following techniques told are based on this context. Though the hackers might not be people who know you, they might get some basic information from your social and internet profiles.
Guessing password of a dummy’s account
Guessing account passwords of computer and internet dummies is so easy. Let’s consider that I have a friend named ‘Peter Parker’ who was born on July 4th 1991. I know he’s a internet dummy and so can easily guess the following combinations of passwords for his internet accounts,Combinations of first name and birthdate:
- peter123 (Most general password a dummy would set)
- peter143 (Most general password a dummy would set)
- peter1234 (Most general password a dummy would set)
- peter1991 (Dummies choose their birth year in passwords frequently)
- peter12345 (Most general password a dummy would set)
- peter0407 (Dummies choose day and month of their birthday so often)
- peter4791 (When day, month and year are used in DMYY format)
- peter040791 (When day, month and year are used in DDMMYY format)
- peter04071991 (When day, month and year are used in DDMMYYYY format)
Combinations of last name and birthdate:
- parker123 (Most general password a dummy would set)
- parker143 (Most general password a dummy would set)
- parker1234 (Most general password a dummy would set)
- parker1991 (Dummies choose their birth year in passwords frequently)
- parker12345 (Most general password a dummy would set)
- parker0407 (Dummies choose day and month of their birthday so often)
- parker4791 (When day, month and year are used in DMYY format)
- parker040791 (When day, month and year are used in DDMMYY format)
- parker04071991 (When day, month and year are used in DDMMYYYY format)
Guessing passwords of a novice account
A novice is not like dummy. He would have little knowledge about internet security and the necessity to set a password including the alphabetic letters in both capital and small, numbers from 0-9 and special symbols. Setting a password using all type of possible characters on the keyboard would make it harder to a password guesser to hack. The combinations there by comes in 34! x 26! x 10! ways which is impossible to try million ways manually. Internet accounts would be blocked if the wrong login credential submissions are found to be more than the limited number of times.It may be a little hard to guess passwords of a novice, but not impossible at all. Though he got some knowledge about setting strong passwords, there would be still a dummy living in him. Let’s consider the same guy ‘Peter Parker’ who was born on July 4th 1991 and he is a novice this time. The combinations of password he would set are as follows,
- peter@123 (Most general password when special symbol is used alone)
- peter#123 (Most general password when special symbol is used alone)
- Peter@123 (Most general password when a capital letter is used along with special symbol)
- peter@143 (Most general password when special symbol is used alone)
- peter#143 (Most general password when special symbol is used alone)
- Peter#143 (Most general password when a capital letter is used along with the special symbol)
- peter@1234 (Most general password when special symbol is used alone)
- peter#1234 (Most general password when special symbol is used alone)
- Peter@1234 (Most general password when a capital letter is used along with the special symbol)
- peter@1991 (Novices choose their birth year in passwords frequently along with @ symbol)
- and so on..
Other than the four most used symbols shown above, some users prefer to choose _(underscore) and –(hyphen) also. Manipulating symbols like +,-,*,/ are used rarely.
Bottom line for guessing passwords of novices accounts: The symbols may be anything, a novice use it in between two phrases or words as a connection.
Guessing passwords of an expert’s account
It is hard to ‘guess’ a password of an expert’s account. An expert would always set tough passwords those of which are forgotten or mistyped by himself in the login fields sometimes. An expert would set a string that is quite not existed in his internet or computer legacy. So hackers choose a alterative way to find passwords of expert’s accounts. An expert would change his password for every 6 months to make it hard hacking his accounts on internet. A hacker is an expert but an expert need not to be a hacker. An expert can sense the danger and unusual activity and there by changes his account settings accordingly to keep himself secured.An expert chooses the character replacements instead of choosing vulnerable combinations. Possible key replacements an expert would be practicing are as follows,
4 for A
@ for a
$ for s or S
# for h
() for O
0 for o
! for i
% for b or d or p
9 for n
^ instead of _ for word separation
][ for I
}{ for H and
He uses +,=,>,<,?,/,*,~,:” and so smartly that no one could expect of.
Countermeasures from being guess-passed
There are no such magic words more than you came to knew in this article. Following these counter measures would help your account get guess-passed from a hacker.- Use CAPITAL LETTERS, special symbols, numbers and words that are not existed in dictionaries.
- Use long passwords which would multiple the number of combinations and would take time to try them all.
- Use your own spellings for the words you have used.
- Change your password for every 3-6 months.
- Don’t make your browsers remember your passwords.
- All of above don’t share your password to anyone, even with your best friend. Passwords are like inner wear, you cannot share them to anyone.
Do you have a better idea of guessing or setting a password? Feel free to share it with us in comments.
Stay safe online!
Post a Comment