The Importance of Using Strong Passwords


The use of strong passwords can slow or often defeat the various attack methods of compromising a Website’s security.

Although many alternatives for user authentication are available today, most users log on to their computer and on to remote computers using a combination of their user name and a password typed at their keyboard. To make it easier to remember their passwords, users often use the same or similar passwords on each system; and given a choice, most users will select a very simple and easy-to-remember password such as their birthday, their mother’s maiden name, or the name of a relative. Short and simple passwords are relatively easy for attackers to determine.

Some common methods that attackers use for discovering a victim’s password include:

Guessing—The attacker attempts to log on using the user’s account by repeatedly guessing likely words and phrases such as their children’s names, their city of birth, and local sports teams.
Online Dictionary Attack—The attacker uses an automated program that includes a text file of words. The program repeatedly attempts to log on to the target system using a different word from the text file on each try.
Offline Dictionary Attack—Similar to the online dictionary attack, except that the attacker gets a copy of the file where the hashed or encrypted copy of user accounts and passwords is stored and uses an automated program to determine the password for each account. This type of attack can be completed very quickly once the attacker has managed to get a copy of the password file.
Offline Brute Force Attack—This is a variation of the dictionary attacks, but it is designed to determine passwords that may not be included in the text file used in those attacks. Although a brute force attack can be attempted online, network bandwidth and latency mean it is usually undertaken offline using a copy of the target system’s password file. In a brute force attack, the attacker uses an automated program that generates hashes or encrypted values for all possible passwords and compares them to the values in the password file.

Each of these attack methods can be slowed down significantly or even defeated through the use of strong passwords. Therefore, whenever possible, all members should use strong passwords for all of their accounts.

Passwords are case-sensitive and may contain as many as 127 characters.

A strong password:
1. Does not contain the user name.
2. Is at least six characters long.
3. Contains characters from three of the following four groups:

Description                                                    Examples
Lowercase letters                                              a, b, c,…
Uppercase letters                                              A, B, C,…
Numerals                                                       0, 1, 2, 3, 4, 5, 6, 7, 8, 9
Symbols (all characters not defined as letters or numerals)    ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /
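
The three rules and the 127-character limit above can be enforced when a password is chosen. The following check is an added example, not code from this site; the function names and sample passwords are constructed, and comparing the user name without regard to case is an assumption.

```python
import string

MIN_LENGTH = 6       # rule 2 above
MAX_LENGTH = 127     # maximum length stated above
REQUIRED_GROUPS = 3  # rule 3: three of the four groups


def character_groups(password):
    """Return the set of character groups from the table that appear."""
    groups = set()
    for ch in password:
        if ch.islower():
            groups.add("lowercase")
        elif ch.isupper():
            groups.add("uppercase")
        elif ch in string.digits:
            groups.add("numeral")
        elif not ch.isalnum():
            # Symbols are everything that is not a letter or a numeral.
            groups.add("symbol")
        # Caseless letters and non-ASCII digits count toward no group.
    return groups


def check_password(username, password):
    """Return the list of broken rules; an empty list means it passes."""
    problems = []
    # Assumption: the user name is matched case-insensitively.
    # An empty user name is skipped, since "" is contained in every string.
    if username and username.casefold() in password.casefold():
        problems.append("contains the user name")
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 6 characters")
    if len(password) > MAX_LENGTH:
        problems.append("longer than 127 characters")
    found = character_groups(password)
    if len(found) < REQUIRED_GROUPS:
        problems.append(f"uses {len(found)} of 4 character groups, needs 3")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords for a constructed user "alice".
    for candidate in ("12345", "abcd", "Alice#2024", "Tr4in-Window"):
        print(candidate, "->", check_password("alice", candidate) or "OK")
```
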

Kindly change your password to a stronger one today, and note down your Transaction Password before making this change. From now on, stop using 12345 or abcd.


Thank you all