Latest posts by Alvin Bryan (see all)
- Millionaire Tyupkin Malware ATM Hackers May Come to US, India After Hitting Europe - October 23, 2014
- BitLicense Will Allow Bitcoin Spying in New York - October 22, 2014
- Australians are Fighting Data Retention Laws - October 22, 2014
Brute force attacks still work because people ignore password security. Websites can use SSL encryption and it won’t matter if they don’t have decent passwords. Users can access their accounts through secure VPNs, but it won’t help if they still use weak passwords.
Accounts Breached Due to Bad Password Security
Many hacks on popular online services are successful because of bad password security. Hackers have lists of common passwords that they have compiled from many different sources. They feed these passwords to different online accounts until something gives. This is called the brute force attack. It is a very old method of cracking security. But it still works because people don’t pay attention to password security.
Hackers are continually working on cracking several systems at once, waiting for openings that get them one step closer to their goals. They have lists of usernames that they have been able to scrape from unsecured websites and traffic streams. They also get these usernames from accounts that are open to the public, like social media profiles. They match their lists of often used passwords to these usernames and wait for a hit. If users have not applied password security tips, it is likely that they are using weak passwords. Their accounts will be breached, and they can expect to be victims of theft, fraud, and pave the way for all their contacts to be the next targets.
Secure VPNs and Password Security
People use VPN services to access online accounts more securely. This is a good idea, but not all VPNs can protect users against brute force attacks. People need to select a VPN app that uses the OpenVPN protocol and offers high encryption levels. And they need to be on this VPN every time they go online if they want their information to remain private. Brute force attacks begin with pieces of personal information that can give hackers clues to what people might have as their usernames, for example. People need VPNs to protect that information from being intercepted in open Internet traffic streams.
Some websites have also taken a proactive stance to ensure better password security. They can access lists of bad passwords from security experts and disallow their use. Some require that users include special characters for password security. At the very least, they can warn users that they are making poor password security decisions. Websites are encouraged to force password security on their users, but ultimately it is up to people to apply good password security advice.
Hackers are taking advantage of people’s laziness, and it results in huge paydays. Both users and website administrators are too lazy to take password security seriously. There is tons of information available on bad passwords to be avoided and password security tips that can be easily applied. But many websites and their users don’t put the solutions into practice. There really is no good reason why brute force attacks should still work so well for cracking online accounts. Ten million people suffer from account hacks every year because they put themselves under unnecessary risk.