WeakLink password breaking
I have been thinking about password security quite alot today, and it occurred to me that most people including myself use universal passwords. We know its wrong, but we almost can’t help our selfs, its to human.
The thing we fail to think about enough is that the more we give this password out the more we danger put it in, every website that has it in there database is a new link in the chain protecting our password. All that is required to get your password thus is to break into the weakest website that has it, all you need is one admin who is not hashing his passwords, or failing to salt them.
Thus when personally attacking someone’s electronic life, if they have a universal password all you need to do is attack the weakest website or system that has it, and for most people there could be upto 50 -100 systems. One of these is bound to have a security hole.
The second possible mode of attack is to setup a dummy website, and get the person is question to sign-up to it. All that needs to be done then, is read it straight out of a database.
In this form you can ask for all the other details you want,
You could even ask for information such as a mother maiden name, with all this you could get access to email accounts, facebook accounts, webspace, e-commerce account(Amazon,Email,Play.com). With addation information gained from these you then even access bank accounts.
Message of the Day
DONT BE HUMAN –> DONT USE A UNIVERSAL PASSWORD