【Information Security Advocacy】Account and Password Management
publish date :
2024-03-28
update date :
2024-03-29
Account and Password Management
Common Password Cracking Techniques
- Brute Force Attack: Continuously trying all possible combinations to guess a password, crack login information, decrypt keys, or find hidden web pages. The longer and more complex the password, the longer it takes to crack.
- Rainbow Table: The password is encrypted by converting it into specific text through an algorithm. The rainbow table reverses the encrypted function to crack the encrypted password.
- Dictionary Attack: A subset of the brute force attack, it involves compiling databases of commonly used words, phrases, and number combinations to systematically test passwords. Therefore, avoid using overly simple and common word or number combinations, and change your password regularly.
- Credential Stuffing: Hackers use large quantities of leaked account passwords to systematically test combinations of usernames and passwords until they succeed, and then attempt to log in to different websites or systems using these credentials.
Protect Your Password!
- Ensure the password is different from the username, doesn't have obvious meanings (birthdays, ID numbers, etc.), and doesn't use consecutive keyboard combinations (e.g., qwerty...).
- Change your password at least once every 3 months.
- Use a high-strength password.
- Do not post your password on personal computers, screens, etc.
- When multiple users share a computer, set up different accounts and passwords for login to verify user identities and ensure operational security.
- Do not share computer system accounts with others.
- In case of personnel changes, cancel and collect the permissions of departing employees for various resources within the unit within the stipulated period.
Organizer:
Computer Center