You can see whether your current passwords (you do use more than one, right?) are rated “strong” by using Microsoft’s online Password Checker. I bet you’ll be unpleasantly surprised by the results.
The three keys to strong passwords are length, randomness, and use of different types of characters. Each additional character multiplies the potential combinations a brute-force attack must try.
Random passwords use upper- and lower-case letters, numbers, and symbols. When at least three of these four categories are used, an eight-character password should suffice in most instances. According to the FrontLine security site, such a password would take a century or more to crack by a hacker using a single PC. The eight-character standard is also the minimum the Microsoft Password Checker deems “strong.” Of course, the more characters in your password, the safer you’ll be.
If you wish to create your own password, use a sentence or phrase you can recall easily and then tweak it for each account.
The disclosure of a back door allowing bad guys to repeatedly guess Gmail passwords should remind us all to protect our accounts with long and strong character strings.
There’s a straightforward way to protect your online accounts: use sign-in phrases that are easy for you to remember but hard for others to guess.
The latest vulnerability affecting Gmail accounts was recently revealed by security researcher Vicente Aguilera Díaz in a posting on the Full Disclosure security list. (Aguilera previously revealed a Gmail flaw known as session-riding, which Google subsequently fixed, as reported by WS contributing editor Scott Spanbauer.)
According to Aguilera’s new security alert, Google allows anyone with a Gmail account to guess another Gmail user’s password 100 times every two hours, or 1,200 times per day. No “captcha” keeps hacker bots from guessing passwords in this way. Worst of all: If a hacker controls, say, 100 Gmail accounts, 120,000 guesses can be made per day. Because Gmail accounts are free, many hackers control far more than 100 accounts, of course.
As it promised, Microsoft Corp. yesterday started sending Windows Vista users an update that identifies illegal copies of the operating system installed with cracks that the company will disable when it distributes Service Pack 1 (SP1) in two weeks. Last Thursday, Microsoft announced the update, which detects two common cracks used to activate pirated copies of Vista, and said it would hit Windows Update (WU) within a week. Users who have left Vista’s recommended WU settings alone will receive the update automatically. Others, said Microsoft, must enable Automatic Update within Vista or manually call up WU from the Start menu.
A document posted to the company’s support site spelled out the details. Among other things, it promised that the 3MB update “does not affect the functionality of your operating system.”
IT LOOKS LIKE Microsoft’s unhackable OS activation malware has been hacked. There is an active thread at the Keznews forums, and a summary on its main page about the crack. It is a simple brute force attack, dumb as a rock that just tries keys. If it gets one, you manually have to check it and try activation.
It is ugly, takes hours, is far from point and click, but it is said to work. I don’t have any Vista installs because of the anti-user licensing so I have not tested it personally. The method of attack has got to be quite troubling for MS on many grounds. The crack is a glorified guesser, and with the speed of modern PCs and the number of outstanding keys, the 25-digit serials are within range. The biggest problem for MS?