Source: Storetec News/Blogs, http://www.storetec.net/news-blog/cognitive-bias-gives-clues-that-help-password-hackers/
Cognitive bias ‘gives clues that help password hackers’
Storetec Services Limited
Hackers can gain access to sensitive data by using clues about a user
to unpick their passwords, an expert has said.
Security researcher Per Thorsheim told the BBC the bulk of passwords
are vulnerable because people tend to choose them according to
data relating to them, such as children's names, dates of birth and
house numbers.
Indeed, the most common failing occurs when people pick a PIN
number, leading to 80 per cent of people using just 100 of the 10,000
possible numbers.
Demographics also make a difference, with women tending to go for
longer passwords and men emphasising diversity. Other influences
include the colours used in the logos of websites; the most commonly
used hue in passwords is blue, which features in the liveries of
Facebook, Twitter and Google.
Another researcher, Bruce Marshall, noted that cybercriminals can
often exploit a tendency of people to use the same password for
different sites by hacking one and then using this to gain entry to
others.
"If a criminal is cracking passwords then most likely they gathered them
from a specific site and are trying to gain access to additional
accounts," he noted.
All this suggests that the best way to keep passwords safe is to use
fairly obscure ones with little connection to the user.
For businesses, the loss of a password may be particularly dangerous,
not least as some people may use the same means of gaining access
to work accounts as they do for personal ones.
However, one way to help the situation could be to use data encryption
and remote storage to keep the cyber criminals at bay.
That would mean any cybercriminals who do get past the password
would be faced with information they would not be able to unscramble.
Shortcomings of data security are not just a challenge for small firms,
as a recent government survey of FTSE 350 firms found just 39 per
cent of them have used the government's ten-step cyber security
guidance to help keep data safe.