Data Security Expert Witness:
Safer passwords, Rules 1 - 3.


Scott Greene

------------------------------------------------------------

As part of our forensics practice, we sometimes have to break or “crack” passwords. Cracking a password becomes much more difficult, and may even foil hackers, when a few simple rules are followed. Here are some tips to help keep our clients' data safe:

Three good rules for passwords:

1) Stay away from the dictionary! Standard words in a dictionary are far too easy to crack. There are many software products that will simply start with “a” and go to “Zythum”, trying each word in turn to find the password that will open the protected information. This type of password cracking is called a Dictionary Attack, and it is quite effective.

2) Use a Passphrase. A Passphrase is a longer password, perhaps a sentence or some other set of words that are strung together. This dramatically increases the time required to crack a password. Generally a Passphrase is going to be upwards of 15 characters in length. Use song titles, lyrics, favorite quotes, etc. to make the Passphrase memorable. Another technique related to the Passphrase is the Partial Passphrase. This involves using only a portion of the words in the Passphrase. For instance, use only the first or the first and second letter of each word of the Passphrase. Add numbers and symbols and you have increased the complexity dramatically. Place those numbers and symbols in the middle of the Passphrase and "crackability" drops dramatically.

3) Never use the same password twice. It is easy for us to fall into the habit of re-using passwords. The problem with that, however, is that once the bad guys have your password they have access to everything that particular password can open. So the hacker can move from a Facebook account into someone’s bank accounts.
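The three rules above can be checked mechanically at the moment a password is chosen. The following Python check is an added example, not code from the article or from Evidence Solutions; the sample wordlist, the function names, the use of 15 characters as a hard minimum, and the salted PBKDF2 history of earlier passwords are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample wordlist (assumption); a real check would load a full dictionary.
SAMPLE_WORDLIST = {"a", "password", "dragon", "sunshine", "zythum"}


def hash_password(password, salt):
    """Salted PBKDF2 digest, so the history never holds a plaintext password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


def remember(password):
    """Build a (salt, digest) history entry for a password already in use."""
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


def is_dictionary_word(password, wordlist):
    """Rule 1: changing case or adding digits/symbols at the ends of a single
    word does not take it out of the dictionary."""
    core = password.strip("0123456789!@#$%^&*()-_=+.?").lower()
    return core in wordlist


def check_password(password, wordlist, history, min_len=15):
    """Return the rules (1-3) the candidate violates; an empty list means it passes.
    min_len=15 treats the article's passphrase length as a hard floor (assumption)."""
    problems = []
    if is_dictionary_word(password, wordlist):
        problems.append("rule 1: dictionary word")
    if len(password) < min_len:
        problems.append("rule 2: shorter than %d characters" % min_len)
    for salt, digest in history:
        # Constant-time comparison against each previously used password.
        if hmac.compare_digest(hash_password(password, salt), digest):
            problems.append("rule 3: password already used")
            break
    return problems
```

A Partial Passphrase built from initials will usually be shorter than 15 characters, so pass a lower `min_len` if that technique is allowed.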

Evidence Solutions, Inc.

Complex Electronic Evidence in PLAIN English.

Call us today with your Digital Evidence Questions: 866-795-7166

 
