Hearing the word "password", we would all agree that the word is related to something secret, it is important and certainly should not be known by anyone. Securing important data with a password is an effective way to avoid the evil hands are not interested. Many people think that the data has been given the password is secure. Of course it is not 100% right. Quite easy for a hacker to break down the password because the hacker always has a way to do it.
There are several methods commonly used by hackers to steal passwords, namely:
1. Technical ways.
Technical manner, we use software to disassemble or break a password. For example, to read the file MS Word format and can not be opened because the password must be entered. We can use software such as Word Password Recovery can we download on the internet. we can use Google to search.
Technical methods used, among others, are:
Brute Force.
is the password search methods to try all the possibilities. There are also other ways that are also carried out by software, the method of Dictionary. Every word in the dictionary (dictionary) which will be matched with the stored password. If the password matches with him, then that password.
Brute Force Method tried all the existing characters. For example, by trying all the possibilities from AAAAA to zzzzz or 1,2,3,4,5,6,7,8,9. With symbols can also!#^$&*()_":?><+=]{. That way, you will find the desired password.
Keylogging
is a method for collecting, recording, and collecting anything that is pressed on the keyboard by the user (target / victim). Device for doing this is called Keylogger keylogging. There is a keylogger software, and there is also a form of hardware. Keylogger is a software that we install Keylogger software on the victim's computer, then the software will record any key is pressed. Tools commonly used are 007 Keylogger.
Usually a hardware keylogger hardware (connectors) between the keyboard and computer. The keyboard will be connected first to a new Keylogger to your computer. That way, we will know what the button is pressed by the victim and of course we can know what the password is typed. However, if the victim did copy paste for the password, it must have been a different story.
Network Sniffing
is a method to determine the password by monitoring traffic in and out of the package on a LAN. Thus, if a user enter a password on a site, will be recorded by the monitoring tools. For example, the password on Facebook or Yahoo! Mail. Tools we can use Wireshark for example, Ace Password Sniffer, Cain & Abel, and Brutus. Non-technical way.
2. Non-technical way means not directly related to the computer device or specific tools. Non-technical way is actually more to the approach (social engineering). For example, a chat, but only indirectly. For example, ask the victim about the operating system used, the name of his wife, a son, his girlfriend's name, date of birth, binantang favorite, favorite food, or anything related to the nature of the victim alias static unchanging. After getting all that, we can try to guess the password as the information we have got from the victim.
0 comments:
Post a Comment