Security News > 2022 > August > Can your passwords withstand threat actors’ dirty tricks?

Can your passwords withstand threat actors’ dirty tricks?
2022-08-30 05:00

It can brute force passwords in the 9-12 character range too, if attackers just complement its speed with a few basic rules, masks, and dictionaries.

Threat actors could still crack a decent share of passwords, given enough dwell time and contextual information from a compromised environment.

Windows NT hashes, web accounts, databases, file encryption, and even password managers are protected by password hashing.

Have you ever struggled to justify the investment in tech solutions such as multi-factor authentication? If your bosses believe that user passwords are sufficient to protect user accounts and associated applications, pentesters can use password cracking to quickly prove them wrong.

In my own endeavors as a pentester, I've had engagements where clients have lost passwords to critical accounts because of an attack, as well as situations where a customer needed to open password-protected files left behind by an attacker.

Too many users choose passwords in several predictable ways.


News URL

https://www.helpnetsecurity.com/2022/08/30/stand-up-to-password-cracking/